Security Market Segment LS
Wednesday, 12 January 2011 11:00

Microsoft's gentle start to 2011 patching

By

The first Patch Tuesday for 2011 has proved a quiet affair with just two bulletins from Microsoft, only one of which is rated critical.


As foreshadowed, Microsoft released two security bulletins this month. That's a big drop from the 17 that arrived in December 2010.

The first addresses a publicly disclosed vulnerability in Windows Backup Manager in Vista that is rated as important. Other currently supported operating systems are not affected.

The issue is a specific case of a more general problem raised last August concerning the way applications load external libraries. An insufficiently qualified file path can allow remote code execution.

The second concerns two privately reported vulnerabilities in Microsoft Data Access Components, which is part of all currently supported version of Windows. The issues allow remote code execution and can be exploited with maliciously crafted web pages.

They are considered critical on XP, Vista and Windows 7, and important on Server 2003 and Server 2008 (including Server Core installations).

Microsoft officials are unaware of any proof of concept code or active attacks using these vulnerabilities.

There might be only two security bulletins, but there are more updates and more security-related news from Microsoft - see page 2.




The recently disclosed Windows graphics rendering engine and Internet Explorer CSS vulnerabilities have not been patched yet. However, Microsoft has released a 'FixIt' temporary patch to provide a workaround for the latter issue because attacks have been seen in the wild - details are available here.

Microsoft also released a 'reliability update' for Windows 7, an updater update for Windows 7 and Server 2008 R2, new junk mail and malicious links filters for Office 2010, and a new version of the Malicious Software Removal Tool.

 

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments