Dell recommends Windows 8.

Critical Patch Job on Tap

Susan Fogarty, Editor in Chief, IT Migration Zone | 7/9/2013 | 19 comments

Susan Fogarty
Microsoft system administrators need to brace themselves for today's Patch Tuesday, when Redmond will run several critical updates affecting every version of Windows running on any type of hardware.

In the Advance Notification issued last week, Microsoft alerted customers that the July release of security updates will include six "critical" updates that will require every version of Windows, from Windows XP all the way up to 8.1, to be patched by administrators. Updates will also impact as Internet Explorer, Lync, Silverlight, and the .NET Framework.

The patches carry unusual significance, Paul Henry, security and forensic analyst with Lumension, told CRN:

This is one of the uglier releases we've seen from Microsoft this year. To say that all Microsoft products are affected and everything is affected critically is not an understatement. It's difficult to prioritize one or two because all the bulletins are significant this Patch Tuesday.

The unusually high number of critical updates will bring Microsoft's yearly total to 22. The company ended 2012 with 34 critical flaws overall.

The six bulletins listed as critical all deal with remote code execution, which can give hackers and malware writers the ability to assign themselves as administrators on Windows systems and install malware without user permission or alerting security systems.

The seventh bulletin is rated as "important." It allows hackers to elevate their privileges by exploiting Windows Defender running on Windows 7 or Server 2008 R2.

Several of the updates address a zero-day flaw identified and publicized by Google researcher Tavis Ormandy, which identified a problem in the kernel of Windows 2000 and above that affects the user privileges of the logged-on user. Microsoft is also expected to issue a number of non-security related fixes to its Surface Pro and Surface RT tablets.

Microsoft typically keeps details of security flaws and fixes confidential until patches are released, which should happen around midday today. A webcast discussing the technical details of the bulletins is planned for Wednesday, July 10, at 11:00 a.m. PT to allow customers to ask questions.

View Comments: Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
SaneIT   Critical Patch Job on Tap   7/24/2013 7:10:58 AM
Re: Surprising?
I've heard a theory that we all have battered wife syndrome and what's why we won't leave Microsoft for the back end systems or the office suite in particular but I don't see it that way.  What Microsoft does right they do well enough that they are incredibly difficult to compete with.  I can't tell you how many Mac users I know who install Microsoft Office for the Mac because it's that much better than any other option they see.  When I look at the overall management and support of a medium sized network or larger Microsoft is far beyond anyone else out there.  I remember when there was laughing that Microsoft was trying to copy Netware and that they were going to fail.  I think we all know how that one turned out.  Unless there is an open source option out there that can replace Active Directory, Group Policy and the entire domain trust relationships with as much ease as Microsoft brings to the table I don't see too many people jumping ship and leaving Microsoft products completely.
sohaibmasood   Critical Patch Job on Tap   7/23/2013 1:00:40 PM
Re: Surprising?
SaneIT, to me it is a dilemma. If we complain so often about the patchwork and other issues with Microsoft then why do we find it difficult to move elsewhere? I would second you I have seen very few people embracing the open source or other systems. 
sohaibmasood   Critical Patch Job on Tap   7/23/2013 4:30:01 AM
Re: Surprising?
I am not sure if there is an ethical dilemma involved here. Firms can subcontract their projects but the point is to extent do you sub contract? How do you ensure the sub contractor delivers quality product? Who gets the blame if the sub contractor does something wrong?
SaneIT   Critical Patch Job on Tap   7/22/2013 7:17:02 AM
Re: Surprising?
Even then I have met very few administrators who have jumped ship because of Microsoft's patch history.  Sure we may complain about it but we never go anywhere with the complaining. 
anthony.nima   Critical Patch Job on Tap   7/19/2013 11:50:13 PM
Re: Surprising?
@Shoaib: Yes in a cooperate field its not ethically possible but practically it happens in many. Anyway getting a feedback too is something related to this isn't it ?          
sohaibmasood   Critical Patch Job on Tap   7/19/2013 1:02:14 AM
Re: Surprising?
Well yes developers can always get help from outside but in a corporate setting does that happen? 

Reviews would be a great idea if they are honest and translate into actual developments. 
Trek   Critical Patch Job on Tap   7/18/2013 9:19:23 PM
Re: Surprising?
Developers can lower there cost by working with outside vendors that specialize in security.  They don't always have to start from scratch.  

I wonder if it would help, if sites such as Google Play or Apple's App Store gave secruity ratings to third party developers. 
sohaibmasood   Critical Patch Job on Tap   7/18/2013 1:22:40 AM
Re: Surprising?
Trek, that is a seriously high number of malware per unit time. I understand that trying to devise software to combat these upcoming malwares & viruses is a difficult ask. But as the one of the leading OS provider customers have very high expectations from Microsoft. 
sohaibmasood   Critical Patch Job on Tap   7/17/2013 3:33:10 AM
Re: Surprising?
Susan, I agree with you. It is a nuisance having to go through the patches and the updates every now & then. You expect a much more stable OS from a company that has a huge market share. Microsoft needs to pay more attention to security in the upcoming releases and iron out these issues before they actually hit the market with a product. 
Trek   Critical Patch Job on Tap   7/16/2013 9:18:55 PM
Developers
I say this today.  One reason why it is some important to have all these patches. 

Microsoft Study: Less Than Half of Developers Use a Security Process - See more at: http://www.eweek.com/security/microsoft-adobe-patch-critical-vulnerabilities-in-security-updates/#sthash.FIyWbWNi.dpuf

 
Page 1 / 2   >   >>


The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.

More Blogs from Susan Fogarty
Susan Fogarty   8/23/2013   79 comments
Everyone in the tech world has heard the news that Steve Ballmer, CEO of Microsoft, is retiring. The press is going crazy speculating about the reasons why and whether big changes will ...
Susan Fogarty   8/20/2013   31 comments
Cloud services are growing, but there is still resistance to them -- especially in IT departments with large datacenter operations. You may not want to give up control of your ...
Susan Fogarty   8/7/2013   15 comments
In the hubbub over Microsoft's modifications to Windows 8, you may have missed the fact that the Windows Server 2012 R2 Preview is now available. In this release, Microsoft expands upon ...
Susan Fogarty   7/24/2013   55 comments
As part of its ongoing effort to wean customers off of Windows XP and onto a more current version of the venerable OS, the folks in Redmond have released a rather odd infographic that ...
Susan Fogarty   7/22/2013   24 comments
Big-data is a big, big buzzword. You are certainly familiar with it, but you may not realize that, along with curing cancer and locating extraterrestrials, big-data can streamline your ...
Days
Hours
Minutes
Seconds
Dell Information Resources
SPONSORED BY DELL
VIDEOS
WINDOWS CLIENT
WINDOWS SERVER
On-demand Video with Chat
The culture of work is changing. Tech-savvy and always-connected people want faster, more intuitive technology, uninterrupted services, and freedom to work anywhere, anytime, on a variety of devices.
Latest Archived Broadcast
Bring-Your-Own-Device (BYOD) is about more than just a device.
© 2014 UBM TechWeb - Privacy Policy