Something different for Microsoft's first Patch Tuesday of 2012

Stephen Withers
Monday, 09 January 2012 09:16

Business IT - Security

This month's security bulletins from Microsoft include one in an unusual category: 'security feature bypass'.

Microsoft intends to release seven security bulletins this month. One will be rated critical, with the other seven rated important.

The interesting thing is that one bulletin affecting Windows doesn't fall into the usual categories of remote code execution, elevation of privilege, or information disclosure, but is described instead as a security feature bypass. Microsoft's not saying much at this stage, only that the issue makes it easier for attackers to exploit other vulnerabilities.

Six of this months vulnerabilities affect Windows, and all currently-supported versions are affected by at least four of the issues. Only two bulletins apply to Server Core installations of Windows Server 2008 R2.

The seventh concerns the company's developer tools and software.

Microsoft also plans to release an updated version of the Malicious Software Removal Tool, along with an update for the Windows Mail Junk E-mail Filter and non-security updates for all currently supported versions of Windows.

The updates will be released at around 5am on Wednesday January 11 AEST.