Twelve Microsoft fixes coming on Patch Tuesday

By Eileen Kennedy, News Writer 03 Aug 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

This follows the software giant's July release of seven security problems and June's release of 13 such bulletins.

More specifically, Microsoft will release 10 Windows security bulletins and two for Office, although it is unclear just how many of the 12 security fixes are critical.

The 10 Windows updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool, and some updates will require a restart. The two Office updates can be detected using the Baseline Security Analyzer and may also require a restart.

It is likely that one of the Office security patches will be a fix for zero-day PowerPoint flaw that Microsoft said recently was critical enough to merit a fix on or before Aug. 8.

When exploited, it arrives by email as a Microsoft PowerPoint document attachment. After a recipient opens the document, the vulnerability is triggered and attackers can then run malicious code on the affected machine.

It's doubtful any of the patches will address a newly discovered Windows vulnerability involving a NULL pointer dereference error in the server drivers, which attackers can exploit to crash a system using a specially crafted network packet.

As is its monthly practice, Microsoft will release an updated version of its Malicious Software Removal Tool and it will host a webcast Wednesday to answer questions IT administrators may have.

"Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released," Microsoft said.

Tags: Security Patch Management,  Securing Productivity Applications,  Windows Security: Alerts, Updates and Best Practices,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Adobe patches ColdFusion vulnerability blocking website attack Microsoft to address DirectShow, ActiveX zero-day flaws Adobe fixes critical Shockwave Flash Player flaw Mozilla patches 11 Firefox security flaws, JavaScript errors Microsoft patches WebDAV security vulnerability in bevy of updates Adobe issues first quarterly patch release fixing 13 flaws Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Adobe shifts to Microsoft patching process, incident response plan Software delivery could fix software patching issues Microsoft updates Office to address serious PowerPoint vulnerabilities Securing Productivity Applications Adobe ColdFusion websites being compromised Adobe fixes critical Shockwave Flash Player flaw Adobe issues first quarterly patch release fixing 13 flaws Adobe shifts to Microsoft patching process, incident response plan Balancing security and performance: Protecting layer 7 on the network Software Piracy pandemic needs government role, better vendor antipiracy plans McAfee to acquire Solidcore Systems for whitelisting Adobe issues Reader update fixing zero-day flaw Microsoft to patch critical PowerPoint zero-day flaw PCI DSS: Best practices for compliance Windows Security: Alerts, Updates and Best Practices Microsoft to address DirectShow, ActiveX zero-day flaws New attack code targets Microsoft ActiveX zero-day vulnerability When BIOS updates become malware attacks Microsoft patches WebDAV security vulnerability in bevy of updates Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Hackers targeting unpatched Microsoft DirectShow flaw Microsoft warns of IIS zero-day vulnerability Microsoft updates Office to address serious PowerPoint vulnerabilities Microsoft to patch critical PowerPoint zero-day flaw How to perform Microsoft Baseline Security Analyzer (MBSA) scans

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary