Security Market Segment LS
Wednesday, 15 June 2011 09:14

Patch Tuesday heralds a busy spell for admins


As expected, Microsoft and Adobe have released a hefty batch of security updates for their products.

June's Patch Tuesday marked a busy time for system administrators, especially those who need to carry out extensive testing before deploying updates to computers under their control. Both Microsoft and Adobe released a raft of security-related updates.

As expected, Microsoft released 16 bulletins, nine critical and seven important, while multiple Adobe products were updated for security reasons. Let's begin with Microsoft.

The 16 bulletins cover 34 vulnerabilities in various products.Seven of the bulletins concern Windows, and there are critical bulletins for all currently supported versions. While Microsoft recommends its customers apply all of the updates as soon as possible, it suggests particular priority should be given to four of them.

They are MS11-042 (two critical vulnerabilities in Distributed File System), MS11-043 (critical vulnerability in Windows' SMB client), MS11-050 (11 vulnerabilities - some critical - in Internet Explorer versions 6 to 9), and MS11-052 (critical vulnerability in Vector Markup Language).

Other bulletins concern Excel (important patch for Excel 2002, 2003, 2004, 2007, 2008, 2010, 2011, and associated utilities), InfoPath (important patch for InfoPath 2007 and 2010), SQL Server important, 2005 through 2008 R2), Silverlight 4 (critical on all versions of Windows and Mac OS X), Visual Studio (important, for Visual Studio 2005, 2008 and 2010), and the Forefront Threat Management Gateway 2010 Client (critical).

Chester Wisniewski of security software vendor Sophos pointed out that the Office for Mac updates incorporate fixes that were released last month for the Windows versions of Office. "This makes MS11-045 a high priority update for Mac Office users," he suggested.

More on Microsoft and the latest on Adobe's updates on page 2.

The different vulnerabilities addressed by this month's updates have the potential to be exploited in various ways, ranging from the familiar maliciously crafted document or web page to sending a malicious SMB request to the target computer.

In related news, Microsoft claims that February's update to the way Windows' Autorun feature works has resulted in a substantial reduction in Autorun-related infections on XP and Vista systems scanned by the Malicious Software Removal Tool. Windows 7 already incorporated the change.

Turning to Adobe. the company released five security bulletins, three rated critical and two important.

The critical updates start with Reader X and Acrobat X, which are now at version 10.1. Both the Windows and Mac OS X versions have been updated. Adobe has released corresponding updates for the 8.x and 9.x versions for users who cannot update to Reader X or Acrobat X.

Other critical issues have beed addressed by the release of Shockwave Player for Windows and Mac OS X, and Flash Player for Windows, Mac OS X, Linux and Solaris. An update for the Android version of Flash Player is expected by the end of the week.

The important patches were for ColdFusion, and LiveCycle Data Services, LiveCycle ES and BlazeDS. Both bulletins cover Windows, Mac OS X and Unix versions.

Links to the Adobe bulletins can be found here.



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments