back to article Microsoft puts Patch Tuesday on a diet, fixes Office flaw

Microsoft is planning a light October edition of its regular Patch Tuesday updates next week that focuses on Office flaws and features just one critical patch. The critical bulletin features a vulnerability in Microsoft Office 2003, 2007, and 2010 as well as Word Viewer and Microsoft Office Web Apps. Office for Mac is not …

COMMENTS

This topic is closed for new posts.
Gold badge

No public exploits, yet

"It should be a relief to many that none of the bulletins requires immediate attention, as none of them address vulnerabilities being exploited in the wild; all were privately reported vulnerabilities. This means that there isn’t any publicly known exploit code for this month’s bulletin cycle."

Well, not until Wednesday, by which time the black hats will have reverse engineered the patches. But I suppose if sys admins are going to lose sleep over the certificate change, it is probably fortunate that there aren't too many other crises in play.

0
0
Anonymous Coward

Patching in perspective

The latest US-CERT Vulnerability Summary (http://www.us-cert.gov/cas/bulletins/SB12-275.html) for the _week_ of September 24 contains over 100 vulnerabilities including:

Google – 24 vulnerabilities

Cisco - 10 vulnerabilities

IBM - 10 vulnerabilities

HP - 6 vulnerabilities

Microsoft - 4 vulnerabilities

Plus vulnerabilities for Apache, Adobe, EMC, McAfee, Oracle, Phpb2b, Phpmyadmin, Rsyslog, Siemens, TrendMicro and Ubuntu.

Most Microsoft and Google Chrome users will probably actually get these updates. How true is this of the rest I wonder?

2
1
This topic is closed for new posts.

Forums