Patch Tuesday preview, February 2012
Microsoft published its Patch Tuesday preview for February of 2012. IT admins can expect nine bulletins to address 21 security vulnerabilities. It looks like four bulletins will be rated critical while the rest are designated as important. Affected Microsoft products are:
--Windows
--Internet Explorer
--.NET Framework
--Silverlight
--Office
--Server Software
Wolfgang Kandek, CTO of Qualys, offered me his assessment in an email:
"As expected we are getting a larger batch of nine bulletins addressing a total of 21 vulnerabilities. Four bulletins are classified as "critical" and the remaining as "important". There is the expected critical update to Internet Explorer which should be highest priority. After all, we saw last month how quickly attackers are incorporating browser based attacks into their toolkits; an exploit for MS12-004 was detected a mere 15 days after Patch Tuesday.
"There are also two critical fixes for WIndows itself, plus one for the .NET framework that should be prioritized. In the "important" category, there are three Remote Code Execution vulnerabilities, one of them in Office. Most likely we are looking at file based attacks and at least the Office vulnerability should be included in your first tier of patching."
And now you know...
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
WHITE PAPER
Reduce Email Archives up to 60%
Are you considering implementing a proactive archiving and eDiscovery solutions? This paper summarizes 15 separate soft cost savings when implementing Symantec Enterprise Vault and the Clearwell eDiscovery Platform.
WHITE PAPER
Aberdeen Report: To Patch, or Not to Patch? (Not If, But How)
The report explores the correlation between the current use of patch management and the level of endpoint-related risk that companies are effectively accepting.
Recent Comments
Webcasts
- The CISO's Survival Guide to Securing Data
- Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- FireEye Advanced Threat Protection KnowledgeVault
- Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets
- Moving Your Email to the Trusted Cloud
- Comprehensive Server Protection
White Papers
