Article

Eleven patches due from Microsoft

SearchSecurity.com Staff

Microsoft plans to release 11 patches, including four rated as critical for Internet Explorer, Active Directory, Excel and Host Integration Server.

In the Microsoft advance patch notice for October, issued Thursday,

    Requires Free Membership to View

the software giant said it will release six patches rated as important for Windows and one listed as moderate for Office. Microsoft plans to issue the updates on Oct. 14.
Microsoft September updates:
Microsoft plugs Media Player, graphics handling flaws: Flaws in Microsoft's Graphics Device Interface could affect multiple systems and third party applications, Microsoft said.

Microsoft provides guidance on GDI flaws: Microsoft's Bill Sisk explains why five remote code execution vulnerabilities in GDI+ affect multiple systems and third-party applications.

Details were sparse, as is customary in Microsoft's advance notices, but the company said the critical updates will fix vulnerabilities that could lead to remote code execution by an attacker.

In September, Microsoft released critical updates addressing multiple client-side remote code execution flaws in its Graphics Device Interface (GDI+) that could affect multiple systems and third-party applications. Last month, Microsoft also plugged a remote code execution vulnerability in an ActiveX control in Windows Media Encoder 9.

Microsoft also said it would begin sharing vulnerability information with security vendors this month. The goal is to help the vendors develop signatures and filters prior to the release of patches on the second Tuesday of each month.

Known as the Microsoft Active Protections Program (MAPP), the new plan will be open to security companies that provide defensive technology to large customer bases. Those vendors that could gain access typically sell antivirus, intrusion detection system (IDS) and intrusion prevention system (IPS) software and appliances. Security vendors have been calling for early notification. Microsoft officials also said they've gotten to the point where they could use some help from the rest of the security community.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: