Feeds

Microsoft readies singular fix for first Patch Tuesday of 2010

No update for frosty Windows 7 bug, mind

Remote control for virtualized desktops

Microsoft's first Patch Tuesday of the year looks set to be more famine than feast.

Redmond plans to instead fix just one critical vuln that affects Windows 2000, XP, Vista and Windows 7.

It will also patch the same bug in Windows Server 2003, Server 2008 and 2008 R2, although the security flaw in those products is marked as low by Microsoft.

However, the firm's Jerry Bryant claimed on the company's security blog that the "Exploitability Index" rating for the vuln would not be high, thereby lowering the overall risk.

Bryant also admitted that Microsoft hadn't patched a Denial of Service bug in SMB (Server Message Block), which the company went public about in November 2009.

The security bug in Windows 7 and Windows 2008 R2 makes it possible to lock up affected systems. The crash would happen without a Blue Screen of Death or other visible indication that anything was amiss.

"We are still working on an update for the issue at this time. We are not aware of any active attacks using the exploit code that was made public for this vulnerability and continue to encourage customers to follow the guidance in the advisory which outlines best practices to help protect systems against attacks that originate outside of the enterprise perimeter," he said.

The software giant's light-footed approach to its latest round of updates contrasts with the hefty collection of patches that trundled out of MS Towers and onto the internet in October last year.

Microsoft issued fixes for 34 vulns as well as 13 updates that month in what was a record Patch Tuesday haul.

The vendor's latest security bulletin release is scheduled for Tuesday, 13 January. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.