Those hip to the patch cycle know the first Thursday of the month means an early peek at Microsoft's plans for Patch Tuesday. According to this Month's Advanced Notification post, Microsoft will release six security bulletins next Tuesday, and rates four of those bulletins as Critical. According to their corresponding blog post, the six bulletins will fix 19 actual … [Read more...]
Seven Bulletins Planned for October Patch Tuesday
After a very light Patch Tuesday in September, Microsoft returns to more typical patch levels this month. According to their October advanced notification, Microsoft plans to release seven security bulletins next week, fixing around 20 vulnerabilities in some of their most popular products. The affect products include Windows, Office, SQL Server, Microsoft Server Software, and … [Read more...]
XSS Vulnerabilities in Microsoft Servers and Developer Tools
Severity: Medium Summary: These vulnerabilities affect: Visual Studio Team Foundation Server 2010, Systems Management Server 2003, and System Center Configuration Manager 2007 How an attacker exploits it: By enticing a user to click a specially crafted link, or visit a malicious web site Impact: An attacker can elevate his privileges and take any action your users can What … [Read more...]
Light Patch Tuesday Brings Two XSS Fixes
As I mentioned in last week's early warning, today's Patch Day is extremely light with only two updates. According to their September bulletin summary, Microsoft has only released updates for Visual Studio Foundation Server and System Center Configuration Manager. Both updates fix cross-site scripting (XSS) vulnerabilities that Microsoft rates as Important. If you have either … [Read more...]
Microsoft Black Tuesday: Critical Windows, Office, and IE Updates
Microsoft has posted their April Patch Day security bulletins, which fix many serious flaws. If you run a Microsoft shop, it's time to test and deploy these updates. Microsoft's April Security Bulletin summary, describes six security bulletins, which fix 11 vulnerabilities in many of their products. Affected products include: Windows, and components that ship with … [Read more...]