Menu
Microsoft slates critical Windows, IE fixes for next week

Microsoft slates critical Windows, IE fixes for next week

Microsoft will release nine security updates next week, with fixes slated for Internet Explorer, Windows, SharePoint Server and Web app developer tools.

Microsoft will release nine security updates next week, twice the number of last month, with fixes slated for Internet Explorer (IE), Windows, SharePoint Server and Web app developer tools.

Three of the nine were rated "critical," Microsoft's most serious threat ranking. Five others were tagged "important," the next step down in the company's four-level scoring system, while the ninth was labeled "moderate."

Five of the updates were identified as fixing vulnerabilities that, if exploited, could result in "remote code execution," or in plainer English, let hackers compromise a system and install malware on the machine. Three others were to patch less dire "elevation of privilege" bugs.

"Bulletin 1," as Microsoft pegged the IE update in Thursday's advance notice of next week's Patch Tuesday releases, will repair all supported versions of the browser, from the aged IE6 on Windows Server 2003 to the newest, IE11, on Windows 7 and Windows 8.1. The fix for IE on Windows clients -- Vista, Windows 7 and Windows 8/8.1 -- was ranked critical but tapped as moderate on the server side.

Microsoft did not disclose the number of individual IE vulnerabilities it intends to patch on Tuesday, but in the last four months the company has quashed 147 bugs in the browser: 60 in June, 24 in July, 26 in August and 37 in September.

"There is a strong likelihood [this month's IE update] will resolve a number of vulnerabilities in the double digits," Chris Goettl, product manager at Shavlik, said in an email, noting the trend.

Not surprisingly, Goettl and other security experts pushed the IE update to the top of their must-patch lists.

The two remaining critical updates will patch all supported editions of Windows, including the newest Windows 8.1 and the dominant corporate OS, Windows 7.

Important updates will affect Office 2007 and Office 2010 on Windows -- but not the newest Office 2013 -- Office for Mac 2011, and SharePoint Sever 2010; various versions of Windows, both client and server; and APS-.Net MVC, an open-source framework for building Web apps.

The single moderate bulletin is to patch the Japanese version of Office 2007's IME (input method editor), a Windows add-on that makes it easier to type on keyboards that don't have room for the thousands of characters used by some languages, like Japanese and Chinese.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoftoperating systemssoftwareWindowsMicrosoft WindowsthreeBull

Featured

Slideshows

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintains Showcase 2018 momentum in Wellington

Ingram Micro maintained Showcase 2018 momentum in Wellington, hosting more than 40 vendors at TSB Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro maintains Showcase 2018 momentum in Wellington
Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro launches Showcase 2018 in Christchurch

Ingram Micro kickstarted Showcase 2018 in Christchurch, hosting more than 40 vendors at Horncastle Arena. Under the banner of Leading the Way, the event demonstrated what’s new, what’s next and how it can be used to improve business and everyday life.

Ingram Micro launches Showcase 2018 in Christchurch
Data breach notification laws in NZ: How can partners prepare?

Data breach notification laws in NZ: How can partners prepare?

This exclusive Reseller News Roundtable outlined the responsibilities facing security partners today, assessing risk while evaluating the role of the vendor in providing added layers of protection.

Data breach notification laws in NZ: How can partners prepare?
Show Comments