Last Friday, Microsoft gave me the word that I could take the day off. "No
patches for Tuesday!", came the word from the North. But before we all head
to the beaches or ski slopes or your favorite watering holes, does this truly
mean we are absolutely without issues and not vulnerable?
Those of us who manage Windows systems got a pleasant surprise this month: no
new patches for March! Could this be a trend? Unfortunately, not yet. We just
got lucky this time.
The latest SMB patch means a little bit of not-so-friendly file sharing.
Since my last Patch Watch column, the good news is that we haven’t seen any exploits
or vulnerabilities targeting the Server Message Block (SMB) patch
MS05-011. The bad news is
there have been a few issues that have popped up, one with a resolution, one
still under investigation at this time.
At least two critical Windows updates have been released recently Microsoft — but they’re not being picked up by
most patch-management software because the updates aren’t marked Microsoft as “security” updates.
With Microsoft announcing 12 new updates this week — 8 of them rated
critical — it was a busy Patch Tuesday for many of us. But even with all these
updates, few people have so far reported serious problems after installing them. Is
Microsoft starting to get the hang of this patching stuff?
Fasten your seatbelts, it’s Patch Tuesday. Microsoft released
bulletins on Feb. 8 that covered the gamut, from operating
systems to Office suites to Messenger applications.
Microsoft may call it Patch Tuesday, but I call it the day that I start
watching for the "dead bodies." You know what I mean, don’t you? The
anxiety you feel when you press the button to reboot your computer after the
security patches are applied? Will the system arise from the reboot to
compute again? Will your data survive another trip through the patch
Microsoft released three security bulletins this week, two of them rated
critical, one rated merely important.
Microsoft released five security bulletins on Dec. 14, all of them ranked
“important,” the second highest level of severity.
Possibly more crucial to your safety than the five well-publicized patches,
however, are three fixes that’ve been released more quietly. The issues that
these upgrades fix include:
MS04-040 (889669): In an effort to close an Internet Explorer
security hole that had become the target of a few initial exploits across the
Internet, Microsoft released a new cumulative patch for IE on Dec. 1, rather
than waiting for the Redmond company’s regular release date, the 2nd Tuesday
of the month.