Feeds

Three critical fixes in store for MS November Patch Tuesday

Has another crack at some October uberpatch flaws

Security for virtualized datacentres

Microsoft plans to deliver six updates - three critical - as part of its November Patch Tuesday cycle.

All three of the critical updates due on 10 November involve patches for Windows. Tuesday is also due to bring two "important" (ie. slightly lower risk) updates for Office and another "important" Windows-related security fix, according to MS's pre-alert advisory.

As is the local custom, Redmond is holding back details of the flaws to be fixed until the patches are delivered. However from details of the affected software packages it looks like Win 7 machines are in the clear and will not need patching, at least against operating system flaws. One of the critical Windows updates affects Vista while a separate (critical) flaw is bad news for systems running XP or Server 2003.

November's patch batch follows a bumper crop of 13 bulletins that collectively tackled 34 security flaws across a wide range of Microsoft products last month.

Predictably enough the large patch batch failed to run altogether smoothly. On Monday (2 November) Microsoft re-patched Internet Explorer, marking the third time it was obliged to repair one of the updates from its October 2009 uberbatch. The tweaked update addressed problems experienced in displaying web pages by some customers who had applied the MS09-054 patch, as explained here.

Andrew Clarke, senior VP at patching specialist Lumension, reckons three of the updates due out of Tuesday may also be aimed at tackling glitches with the October patch batch.

"Microsoft is delivering three critical patches and three important patches, none of which impact Windows 7," Clarke said. "Three of the November patches, however, appear to be updates to or re-releases of patches that were issued last month including Live Communications Server 2005 and Office Communications Server 2007, as well as scenarios involving the usage of Windows Server Update Services or running Microsoft Office Access Runtime 2003." ®

Internet Security Threat Report 2014

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
Was ist das? Eine neue Suse Linux Enterprise? Ausgezeichnet!
Version 12 first major-number Suse release since 2009
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.