While this month saw only one new security patch from Microsoft, June might be a different story.
"We're thinking that next month is going to be another big month," said Mark Loveless, senior security analyst with BindView Corp., in Houston. "You hear this researcher say, 'I've got a bug and we're close.' This could be a pretty good month."
The "important" patch released this month -- MS05-024 -- fixed a flaw in how some HTML characters in preview fields are seen in Web view in Windows Explorer. Unpatched, it could allow code to be remotely executed. Windows 98 and Windows 2000 systems are vulnerable, but Windows XP and Windows 2003 are not.
The value of security advisories
In this month's security announcement cycle, Microsoft began releasing security advisories -- without accompanying software updates -- to mixed
Loveless didn't find the advisories to be useful. "To me that's just spin," he said. "It's PR so they are just acknowledging a problem that already exists. One would assume that they're always working on some problem. It doesn't add anything to anything, in my opinion."
But Mohammed Athif Khaleel, a Microsoft most valuable professional (MVP) for Windows Server, said he thinks the advisories do benefit users. The advisories, he said, serve as advance notice for patches that might be coming down the road.
WSUS print status problem
Khaleel said he reported a flaw in print status of bulletins to the Microsoft WSUS. The cause of the problem is unknown, he said, but users can work around it by saving the bulletin with a .htm extension, opening it and printing.
A Microsoft spokesperson confirmed that the company's Security Response Center is aware of the printing problem, but said that no firm date has been set for a fix. The company also re-released four bulletins with additional information, but did not change the patches: MS05-009, MS05-019, MS05-022 and MS05-023.
A question of response time
As for Microsoft's security update strategy, Loveless said the company has made progress, but it still has a long way to go.
"Before, you basically had to release exploit code to get them to leap," Loveless said. "To this day, we still have to push them to make sure that they do things, so a lot of behind-the-scenes trying to hold their feet to the fire still goes on between Microsoft and researchers. But in a lot of cases, they are much more responsive."
However, in an informal trial, Loveless said that Microsoft's automated testing service took much longer than anticipated to update the security notifications.
"In a couple of cases it took about a week, which is not great, because during the same time, before that happened, you had exploit code coming out," Loveless said. "I think their patching services, as far as the automated services, need some improvement."
Note: This article originally appeared on SearchWindowsSecurity.com.