Articles about Patch Tuesday

Microsoft's Internet Explorer browser was the focus of a majority of the fixes in Tuesday's monthly security update from the Redmond company. Altogether, five updates were issued, including three "critical," one "moderate," and another rated "important."

The Internet Explorer update was issued as a cumulative fix addressing ten vulnerabilities within the browser. The patch includes a fix for the much-publicized "createTextRange()" flaw, as well as fixes for HTML parsing errors, script executions, and address bar spoofing issues among others. All the flaws could result in a remote code execution risk, Microsoft said.

Continue reading →

Microsoft plans two fixes as part of its monthly Patch Tuesday updates to be released next week, the company said Thursday. An update marked for Office has been rated as "critical," and another for the Windows operating system is marked "important."

As is normal with advance security bulletins, Microsoft did not disclose what vulnerabilities the patches would address. This is done to prevent hackers from taking advantage of flaws before customers have a chance to download the updates.

Continue reading →

It was no love and all business for Microsoft on Tuesday, as the company released seven updates for its products. These included fixes for two critical flaws in Internet Explorer and Windows Media Player, and five important updates addressing issues in Windows and Microsoft Office.

A critical vulnerability that existed in the Graphics Rendering Engine of Internet Explorer was one of those patched. A specially crafted Windows Metafile image could be generated to allow for remote code execution and potentially open the door for an attacker to take complete control of an affected system.

Continue reading →

Microsoft will release a total of seven updates as part of its monthly Patch Tuesday program, the company announced Thursday. One targets a flaw in Windows Media Player, four for Microsoft Windows, one for both Microsoft Windows and Office, and one for Microsoft Office only.

Of the two former sets of updates, the highest severity rating for any of the updates would be critical, and for the latter two important. The Redmond company said that some of the updates may require a restart.

Continue reading →

Microsoft issued two more critical patches as part of its regular Patch Tuesday security update, including a fix for a vulnerability when viewing embedded Web fonts and a flaw in the decoding of TNEF messages. The company included its WMF fix with the monthly security updates, although a patch for the issue has been available since January 5.

The first patch fixes a problem in how Windows displays embedded Web fonts. The flaw could enable malformed fonts to be used as a way to execute code on a remote system. The vulnerability could be exploited through either a malicious Web site or specially crafted e-mail message, Microsoft said.

Continue reading →

As promised, Microsoft on Tuesday rolled out two security updates as part of its monthly Patch Tuesday program, one rated "important" and the other "critical." The patches fix flaws in Internet Explorer, as well as a vulnerability in the Windows Kernel.

Microsoft has fixed four critical vulnerabilities within Internet Explorer versions 5 and 6, replacing an earlier cumulative fix issued in October of this year.

Continue reading →

As promised, Microsoft on Tuesday issued nine separate security patches, fixing vulnerabilities in DirectX, Exchange, Internet Explorer, and Windows itself. Three of the fixes were deemed "critical," four "important," and two "moderate."

All of the critical patches involved some type of remote code execution vulnerability. The Internet Explorer patch fixes a flaw found by eEye Digital Security and the French Security Incident Response Team back in July revolving around the COM object within IE.

Continue reading →

Microsoft plans to fix several holes in the security of Windows during its monthly "Patch Tuesday" release next week, including at least one deemed "critical." Eight of the patches will deal with problems in the operating system, and one will fix a flaw in the company's Exchange Server.

While Microsoft is never specific as to what it will be patching ahead of the actual release, eWeek is reporting that at least one fix with deal with code execution vulnerabilities within Internet Explorer.

Continue reading →

UPDATED Barely 24 hours after giving advanced notice of its monthly "Patch Tuesday" fixes, Microsoft late Friday said that it was scrapping the updates over a "quality issue." Microsoft had planned to release a single bulletin for a critical vulnerability affecting Windows.

"Late in the testing process, Microsoft encountered a quality issue that necessitated the update to go through additional testing and development before it is released," a Microsoft spokesperson told BetaNews. "Microsoft is committed to only releasing high quality updates that fix the issues in question, and therefore we feel it is in the best interest of our customers to not release this update until it undergoes further testing."

Continue reading →

April 12 is slated to bring more than just a forced download of Windows XP Service Pack 2: Microsoft is preparing eight security updates for its next monthly "Patch Tuesday." 5 of the fixes involved Windows and some are deemed "critical." Critical patches will also be issued for MSN Messenger, Microsoft Office and Exchange.

In order to protect customers, Microsoft does not release specific details of security updates before their release. It's not clear whether the MSN Messenger hole affects version 7.0, which launched early Thursday.

Continue reading →

In the second largest security bulletin since moving to monthly updates, Microsoft issued a total of 12 fixes to address flaws in SharePoint, Microsoft's .NET Framework, Office and Windows Media Player. Of the updates, nine pertain to Windows and eight are deemed "critical," the most severe designation.

If left un-patched, the critical vulnerabilities would enable computer hackers to seize control of a compromised system. An exploit for one of the flaws is already circling, according to sources close to Microsoft.

Continue reading →