Microsoft slates 8 bug updates for last 2008 Patch Tuesday
Microsoft will deliver eight security updates next week, six of them marked "critical," to plug holes in Windows, Internet Explorer, Office and other products.
Two of the eight updates will patch Windows, another two are aimed at Office, while the remaining four target Internet Explorer (IE), SharePoint, Windows Media Player, and Visual Basic and Visual Studio, Microsoft said Thursday in its monthly advance warning of what to expect next Tuesday.
One of the two updates slated for Windows may be a fix, finally, for an eight-month-old vulnerability that Microsoft first acknowledged in April, and which has been exploited by hackers since mid-October, said Andrew Storms, director of security operations at nCircle Network Security Inc.
"The bulletin Microsoft marked 'Windows 1' looks like the issue in the 951306 advisory," said Storms, referring to the April warning of a rights elevation bug in all versions of Windows. Several weeks before that, Cesar Cerrudo, a researcher and security consultant, said he would disclose a Windows flaw at an upcoming conference; at the time, Microsoft had downplayed the issue, dubbing the problem a "design flaw," not a security bug.
In mid-October, however, Microsoft confirmed that hackers were actively exploiting the unpatched bug.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
microsoft
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
