Feeds

Three critical fixes in store for MS November Patch Tuesday

Has another crack at some October uberpatch flaws

High performance access to file storage

Microsoft plans to deliver six updates - three critical - as part of its November Patch Tuesday cycle.

All three of the critical updates due on 10 November involve patches for Windows. Tuesday is also due to bring two "important" (ie. slightly lower risk) updates for Office and another "important" Windows-related security fix, according to MS's pre-alert advisory.

As is the local custom, Redmond is holding back details of the flaws to be fixed until the patches are delivered. However from details of the affected software packages it looks like Win 7 machines are in the clear and will not need patching, at least against operating system flaws. One of the critical Windows updates affects Vista while a separate (critical) flaw is bad news for systems running XP or Server 2003.

November's patch batch follows a bumper crop of 13 bulletins that collectively tackled 34 security flaws across a wide range of Microsoft products last month.

Predictably enough the large patch batch failed to run altogether smoothly. On Monday (2 November) Microsoft re-patched Internet Explorer, marking the third time it was obliged to repair one of the updates from its October 2009 uberbatch. The tweaked update addressed problems experienced in displaying web pages by some customers who had applied the MS09-054 patch, as explained here.

Andrew Clarke, senior VP at patching specialist Lumension, reckons three of the updates due out of Tuesday may also be aimed at tackling glitches with the October patch batch.

"Microsoft is delivering three critical patches and three important patches, none of which impact Windows 7," Clarke said. "Three of the November patches, however, appear to be updates to or re-releases of patches that were issued last month including Live Communications Server 2005 and Office Communications Server 2007, as well as scenarios involving the usage of Windows Server Update Services or running Microsoft Office Access Runtime 2003." ®

High performance access to file storage

More from The Register

next story
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.