Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

Summary: Microsoft's September batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office.

SHARE:

Microsoft's September batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office.

According to the company's advance notification for this month's Patch Tuesday, there will be a total of 9 bulletins (four rated critical) addressing flaws in all versions of Windows, including Windows 7 and Windows Server 2008.

The Microsoft Office bulletins will cover security holes in Microsoft Office XP, Microsoft Office 2003 and Microsoft Office 2007.  It is likely these will include fixes for the DLL load hijacking attack vector that affects hundreds of Windows applications.

Seven of the nine bulletins address flaws that could lead to "remote code execution" attacks so it's important for affected Windows users to pay close attention to this patch batch.

Topics: Collaboration, Microsoft, Operating Systems, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

34 comments
Log in or register to join the discussion
  • Oh no, not more security holes to plug

    don't tell me I still have more windows security holes to plug, I'm sick and tired of plugging security holes in windows.

    Damn Microsoft, you give me no peace.
    OS Reload
    • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

      @OS Reload <br>It would be interesting to compare how much time is spent patching each OS. For home users, the time would be very close to 0 since this all happens automatically.<br><br>For corporate users, things get more complicated because Linux patches kind of stream in on a daily basis while OS X patches tend to build and build and build and then get dumped on the user in huge mega patches. Also interesting is how easy / complicated it is to push patches out to enterprise desktops on various OSs. In enterprise settings, you usually don't want to set the desktops to patch themselves so tools for pushing patches becomes incredibly important.<br><br>Or did you just want to make the point that only Windows has patches? Sorry if my non zealot post rained on your anti-MS parade. :(
      NonZealot
      • RE: ...that only Windows has patches?

        @NonZealot

        You do know better! Even my favorite Linux gets patches.

        OSReload's concern is that he most likely has to test these patches, and make sure that they don't break something. When you have lots of people doing nothing because their computer is borked; damagement gets all huffy about it. It is not only Microsoft that causes lots of grief; I do remember an anti-virus vendor that bricked systems recently (*cough* McAfee *cough*) [read more: http://news.idg.no/cw/art.cfm?id=21FB2532-1A64-67EA-E4C307CEA2824778]

        So, its not just Microsoft, it is the entire Windows ecosystem that is problematic. Thank God I do not have to deal with it anymore.
        fatman65535
      • @fatman: So you don't test Linux patches?

        [i]OSReload's concern is that he most likely has to test these patches[/i]

        So you don't test Linux patches? YIKES!!!! That's risky.
        NonZealot
      • It's not limited to Windows.

        @fatman65535: [i]So, its not just Microsoft, it is the entire Windows ecosystem that is problematic.[/i]

        All operating systems require patching. And testing patches prior to deployment on critical systems is a requirement for all operating systems. There's nothing unique to Windows.
        ye
    • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

      @OS Reload
      I agree. It is extremely inconvenient that every time they do one of these "critical" updates my computer has to be cycled off then back on again and I have to reload the running applications (If it weren't for certain buggy Microsoft products--like Microsoft Office Live--I wouldn't have to restart my computer periodically). For a company that likes to brag about its "stability" numbers, being forced to restart my computer every month puts the lie to that stability.
      tkepner
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner

        Uh, what? Office 14 is not 'buggy' in the slightest, and I've NEVER had my machine have to be restarted because of that.
        Lerianis10
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner
        You have to restart it every month? Dang. I usually cut mine off at night to save energy.
        Au1
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner L : I used tohave to restart win3.1, WFWG and win95 fairly often. It was annoying, but it was a new wave and to some degree expected and only annoying. Win 98 seldom ever had to be restarted by the end of its liife. Wiin XP which I'm still using almost never has to be restarted and if either does need a restart, it's not due to windows OS; it's due to other applications or even cockpit errors. Vista sucked so badly it never got the change to be itemized on my machineis; it went in and came right off. Since win7 is a rewritten Vista basically, I've never even bothered with it - even if it was a good rewrite, those two offer me nothing, absolutely nothing, that XP can't do.
        The "trick" is in keeping a machine running well and paying attention to it. At this point, you just plain do not have to restart 98 and XP Pro SP3. Having to do restarts is indicative of other problems in the machines.
        twaynesdomain-22354355019875063839220739305988
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner : Come on, "cycling" your computer is a real poor excuse for anything negative. Have it all happen when you aren't at the computer.
        Snce win98, the major problems and reasons for restarts are more from poorly written apps than anything else, not from windows. If you can't tell a good vendor from a bad one, reliabbility and stability wise, then you have bigger problems.
        My machine is set to turn itself ON about an hour before I'll need it nthe AM, and turns itself OFF after a certain hour every night. It shuts off late enough that the nightly drive images are scheduled to be done after the workday ends and before the Shut Down (actually, Hibernate) every might.
        It seems your time would be better spent opening up your mind and researchng/repairing the problems you have than to simply complain about them. Live isn't the reason for some of your problems as you indicate either; I know of several machines where it causes zero, nada problems and no machines where it does cause a problem. It's all a matter of what would best be defined as preventive maintenance to keep things well oiled as opposed to bitchinig about them.

        You're not alone in the allegations I've made here and I'm not specifically picking on you yourself.
        twaynesdomain-22354355019875063839220739305988
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner <a href="http://educationfuturist.wordpress.com/">Belford lawsuit</a>
        <a href="http://onlinediplomahelp.com/?p=38">online institutions</a>
        <a href="http://www.123degreereviews.com/?p=61">online learning</a>
        bynes69
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner <a href="http://www.nationhighschool.com/verification/">Nation High School</a>
        bynes69
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @tkepner <a href="http://ashwooduniversity.wordpress.com/">Ashwood University</a>
        bynes69
    • What would you have them do?

      @OS Reload
      There are couple of options:
      1. Do a patch every Tuesday so that MS gets ample time to test the patches on the umpteen numbers of hardware and software combinations that they have to support
      2. Give a patch every day, dont test it but claim that you are quick and can innovate rapidly
      3. Patch every 6 months, similar to Apple where they let it pile on and unload as a mega patch
      4. Not release any patch for 2 years but instead focus on rewriting the OS to never have any security vulnerabilities ever. I dont think mighty Linux has been able to achieve that either
      5. Get out of the OS business altogether, just proclaim this Tuesday's patch is the last on ever

      Given these options, I think number 1 looks likes the best so far
      DontBeEvil
      • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

        @DontBeEvil Thanks for sharing. i really appreciate it that you shared with us such a informative post..
        <a href="http://www.papermoz.com/theses/">Thesis</a> <a href="http://www.papermoz.com/dissertations/">Dissertation</a> <a href="http://www.papermoz.com/admission-essay/">Admission Essay</a> <a href="http://www.papermoz.co.uk/essays/">Essay</a> <a href="http://www.papermoz.co.uk/assignments/">Assignments</a>
        silvermessenger
    • Fine.. Go ahead and use Linux or OSX..

      @OS Reload
      ...THOUGH you'll still have to plug the security holes and other issues in those operating systems.

      Sorry dude, but there ain't NO such thing as a perfectly bug free OS.
      Wolfie2K3
    • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

      @OS Reload
      You will have to install tons of updates for Linux crap than Windows.
      shellcodes_coder
    • Damn OS Reload, you give me no peace. <nt>

      @OS Reload
      ryanstrassburg
    • RE:Oh no, not more security holes to plug

      @OS Reload
      >>>don't tell me I still have more windows security holes to plug, I'm sick and tired of plugging security holes in windows.<<<

      So go to another platform and plug security holes there. My platform is Linux, a much better choice for me, with a nearly continuous stream of bug fixes, normal updates, and security fixes. Apple has there own set of problems. They are all competent systems, and if you are that uncomfortable with Microsoft, move. Or are you simply trolling, the whole fan bait thing?
      richdave
    • RE: Patch Tuesday heads-up: 9 bulletins, 13 Windows vulnerabilities

      @OS Reload : Try Linux then as long as you have a simple and pretty generic set of programs and applications. I would love to switch to Linux; two flavors are pretty enticing but none to date can be used wtihout spending lots of $$$ to get it compatible for some of my applications and hardware. Linux is good, but only if you're a tech-minded and capable person. Linux is just plain not capable of replacing MS Windows for my own purposes, in other words. It's the same for a lot of people once they get serious about trying to make the switch. Windows, much as I dislike and despise their attitudes over about the last decade, simply has the head start advantage of being nearly a turn-key operation. Linux developers just don't want to pay attention to the things that could truly get them a much larger market share; attention to reliable drivers. So I'll take my 9 bulletins for 13 windows vulnerabilities.
      twaynesdomain-22354355019875063839220739305988