Menu
Five updates for Patch Tuesday

Five updates for Patch Tuesday

Microsoft has said it will release five security updates next Tuesday — about half as many as it issued last month — targeting flaws in Windows, SharePoint, Visual Studio and Microsoft's instant messaging clients.

Of the five bulletins expected September 11, only one will be labelled "critical," Microsoft's highest rating, although of the remaining four -- all ranked "important" -- two could result in remote code execution if successfully exploited. Details were spelled out in the pre-patch notification that Microsoft posted Thursday morning.

Windows will be pegged by two of the updates, including the single critical patch, which is slated to fix one or more unspecified vulnerabilities in Windows 2000 SP4. The other update will plug one or more flaws in Windows Services for UNIX (SFU), which is present in all versions of Microsoft's operating system, including Vista. The Microsoft-produced SFU is a collection of components that make it possible for Windows and Unix systems to talk to each other. Mixed OS shops, for instance, install SFU so that Windows PCs can map to Unix NFS network shares.

Other updates are set to plug holes in SharePoint Services 3.0 on Windows Server 2003, Visual Studio through version 2005 SP1 and the MSN Messenger/Live Messenger versions 6.2, 7.0, 7.5 and 8.0.

Windows Vista, which has been hammered by updates of late -- last month, five of nine security bulletins affected Vista -- will be patched by only one of the five September fixes.

As is customary, Microsoft gave only partial details of the upcoming updates, making it difficult to predict the specific vulnerabilities being patched. Danish vulnerability tracker Secunia, for example, shows no unpatched problems for either SFU or SharePoint Services. However, Secunia's database does list outstanding vulnerabilities in Visual Studio, which sports a still-unpatched bug from January 2006; Windows 2000; and the MSN and Live Messenger clients.

The Messenger update will likely patch the Webcam vulnerability reported late last month on a Chinese-language security mailing list. According to an advisory issued Aug. 28 by US-CERT (the U.S. Computer Emergency Response Team), all versions but the newest are susceptible to attack via a heap overflow bug through a purposefully-malformed Webcam session. Exploit code was also publicly posted in August.

At the time, US-CERT recommended users upgrade immediately to Windows Live Messenger 8.1, which was not affected by the bug.

Microsoft posts updates on the second Tuesday of each month between 1 p.m. and 3 p.m. EDT.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoftpatchtuesday

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments