As many LINUX admins on this list also have to look after M$ systems Just wanted to give you a heads up?
Work tomorrow is going to be hell!! http://searchsecurity.techtarget.com/news/2240034564/Microsoft-to-patch-64-vulnerabilities-in-Windows-Office-Internet-Explorer?asrc=EM_NLN_13648242&track=NL-102&ad=825683 Microsoft will patch a record 64 vulnerabilities, unleashing 17 bulletins next week, 9 rated “critical” that address flaws in Windows and Internet Explorer. The bulletins will be released during Microsoft Patch Tuesdayon April 12. The number of bulletins ties a December 2010 record for security updates issued. “This is a huge update and system administrators should plan for deployment as all Windows systems, including Server 2008 and Windows 7, which are affected by critical bulletins,” Amol Sarwate, manager of the Qualys Inc. vulnerability research lab, wrote on the company blog. “Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected.” In its Advance Notification, Microsoft said it would address aMHTML protocol handler vulnerability in Windows, a flaw that it acknowledged in January. Proof-of-concept code surfaced, enabling attackers to target the vulnerability. The software giant issued a temporary workaround while engineers worked on a patch for the issue, which locks down the MHTML protocol. In a message on the Microsoft Security Response Center blog, Pete Voss, senior response communications manager with Microsoft Trustworthy Computing, said engineers have been testing a patch to address the issue and have been keeping customers informed. “We alerted people to this issue with Security Advisory 2501696 (including a Fix-It that fully protected customers once downloaded) back in late January,” Voss wrote. “In March, we updated the advisory to let people know we were aware of limited, targeted attacks.” In addition, Microsoft indicated it would address a flaw in the Windows Server Message Block (SMB) network and file-sharing protocol that was publicly disclosed Feb. 15. Researchers said the vulnerability could be exploited by remote attackers or malicious users to cause a denial-of-service (DoS) attack or take control of a vulnerable system. “Microsoft assessed the situation and reported that although the vulnerability could theoretically allow remote code execution, that was extremely unlikely,” Voss wrote. “To this day, we have seen no evidence of attacks.” The Microsoft bulletins will be issued at 1 p.m., April 12 -- Acta Virum Probant --
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
