ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Patch Tuesday heads-up: Windows security holes

By | January 5, 2012, 11:41am PST

Summary: Microsoft plans to ship 7 bulletins, one rated “critical,” Microsoft’s highest severity rating.

Microsoft’s first batch of patches for 2012 will include fixes for security vulnerabilities in the Windows operating system and Microsoft Developer Tools and Software.

In all, Microsoft plans to ship 7 bulletins, one rated “critical,” Microsoft’s highest severity rating. A critical bulletin typically deals with security holes that allow remote code execution attacks with minimal user action.follow Ryan Naraine on twitter

The Windows vulnerabilities will apply to all versions of Microsoft’s flagship OS, including the newest Windows 7 and Windows Server 2008 R2.

Microsoft also announced that one of the bulletins will fix an issue described as a “Security Feature Bypass.”  It is the first time Microsoft has used this label on a security update.

The patches will be released next Tuesday (Jan 10, 2012) at approximately 1:00 PM EST.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Windows Security, Patch Management, Security Vulnerability, Patches, Security, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
33
Comments
Add Your Opinion

Join the conversation!

Just In

dsfsdf
jywhy888 7th Mar
Wholesale Camera Eye Mask http://www.chinawholesaletown.com/wholesale-Compass/ Valentine Gifts
Wholesale Clothes Rack Wholesale Carabiner http://www.chinawholesaletown.com/wholesale-TelePhone/ Industrial Supplies
Wholesale Bookmark Safety Products http://www.chinawholesaletown.com/wholesale-Mirror/ Pen
Wholesale Bangle Wholesale Glove http://www.chinawholesaletown.com/wholesale-Scissors/ Tape Measure
Fishing Supplies Wholesale Candle http://www.chinawholesaletown.com/wholesale-Advertising-Material/ Radio
Wholesale Stationery Inflatable Products http://www.chinawholesaletown.com/wholesale-Name-Card-Holder/ Raincoat
Christmas Gifts Outdoor Leisure Products http://www.chinawholesaletown.com/wholesale-Money-Bank/ Recorder Pen
Wholesale Glove Recorder Pen http://www.chinawholesaletown.com/wholesale-Pedometer/ CD Holde
Wholesale Earphone Wholesale Flashlight http://www.chinawholesaletown.com/wholesale-Computer-Accessories/ Hair Products
World Cup Products Water Bottle http://www.chinawholesaletown.com/wholesale-Beauty-Equipment/ Voice Recorder
Wholesale lable Reflective Safety Vest http://www.chinawholesaletown.com/wholesale-Patient-Care/ Inflatable Products
CD Holde Wholesale USB Flash Drive http://www.chinawholesaletown.com/wholesale-Cap/ Writing Instrument
Wholesale Golf Products Flash Gift http://www.chinawholesaletown.com/wholesale-Writing-Instrument/ Arts Crafts
Wholesale Playing Card Wholesale Wallet http://www.chinawholesaletown.com/wholesale-Keychain/ Pom Poms
Wholesale Mp3 Promotional Gifts http://www.chinawholesaletown.com/wholesale-Thermometer/ Bookmark
Wholesale Mobile Phone Consumer Electronics http://www.chinawholesaletown.com/wholesale-Poncho-Raincoat/ Men Beauty Care
Money Clip Wholesale Cards http://www.chinawholesaletown.com/wholesale-Scale/ Belt
Valentine Gifts Wholesale Halloween Gift http://www.chinawholesaletown.com/wholesale-Tie/ Muslim Products
Wholesale Ruler Valentine Gifts http://www.chinawholesaletown.com/wholesale-Hair-Products/ Crystal Gifts
Wholesale Coaster Wholesale Magnifier http://www.chinawholesaletown.com/wholesale-Camera/ Mirror
Wholesale Mug Wholesale Mat http://www.chinawholesaletown.com/wholesale-Shoes/ Toys
Wholesale Cup Wholesale First Aid Kit http://www.chinawholesaletown.com/wholesale-Safety/ Bottle Opener
Wholesale Pedometer Wholesale Bangle http://www.chinawholesaletown.com/wholesale-Gift-Box---Display/ Consumer Electronics
Wholesale iPod iPhone Muslim Products http://www.chinawholesaletown.com/wholesale-Pet-Supplies/ Helmet
Safety Products Patient Care Products http://www.chinawholesaletown.com/wholesale-Money-Bank/ Sport Support Products
Silicone Products Sport Items http://www.chinawholesaletown.com/wholesale-Lady-Beauty-Care/ Ashtray
Wholesale Tellurion Mouse Pad http://www.chinawholesaletown.com/wholesale-Scissors/ Thermometer
Wholesale TelePhone Wholesale Keyboard http://www.chinawholesaletown.com/wholesale-Speakers/ Binoculars
Wholesale Tie Wholesale Radio http://www.chinawholesaletown.com/wholesale-Candle/ Poncho Raincoat
Book Light Wholesale Glasses http://www.chinawholesaletown.com/wholesale-Bookmarks/ Silicone Products
Flash Gift Home Appliances http://www.chinawholesaletown.com/wholesale-Photo-Frame/ Halloween Gift
View in thread
0 Votes
+ -
Very proactive start to the new year. Well done MS.
Johnny Vegas 5th Jan
Thanks for looking out for your end users and providing a level of service for other tech companies to aspire to.
0 Votes
+ -
Let's see
ScorpioBlue 5th Jan
The .NET patches released out of cycle last week that were what? 8 years too late?

lol... grin
0 Votes
+ -
dsfsdf
jywhy888 7th Mar
Wholesale Camera Eye Mask http://www.chinawholesaletown.com/wholesale-Compass/ Valentine Gifts
Wholesale Clothes Rack Wholesale Carabiner http://www.chinawholesaletown.com/wholesale-TelePhone/ Industrial Supplies
Wholesale Bookmark Safety Products http://www.chinawholesaletown.com/wholesale-Mirror/ Pen
Wholesale Bangle Wholesale Glove http://www.chinawholesaletown.com/wholesale-Scissors/ Tape Measure
Fishing Supplies Wholesale Candle http://www.chinawholesaletown.com/wholesale-Advertising-Material/ Radio
Wholesale Stationery Inflatable Products http://www.chinawholesaletown.com/wholesale-Name-Card-Holder/ Raincoat
Christmas Gifts Outdoor Leisure Products http://www.chinawholesaletown.com/wholesale-Money-Bank/ Recorder Pen
Wholesale Glove Recorder Pen http://www.chinawholesaletown.com/wholesale-Pedometer/ CD Holde
Wholesale Earphone Wholesale Flashlight http://www.chinawholesaletown.com/wholesale-Computer-Accessories/ Hair Products
World Cup Products Water Bottle http://www.chinawholesaletown.com/wholesale-Beauty-Equipment/ Voice Recorder
Wholesale lable Reflective Safety Vest http://www.chinawholesaletown.com/wholesale-Patient-Care/ Inflatable Products
CD Holde Wholesale USB Flash Drive http://www.chinawholesaletown.com/wholesale-Cap/ Writing Instrument
Wholesale Golf Products Flash Gift http://www.chinawholesaletown.com/wholesale-Writing-Instrument/ Arts Crafts
Wholesale Playing Card Wholesale Wallet http://www.chinawholesaletown.com/wholesale-Keychain/ Pom Poms
Wholesale Mp3 Promotional Gifts http://www.chinawholesaletown.com/wholesale-Thermometer/ Bookmark
Wholesale Mobile Phone Consumer Electronics http://www.chinawholesaletown.com/wholesale-Poncho-Raincoat/ Men Beauty Care
Money Clip Wholesale Cards http://www.chinawholesaletown.com/wholesale-Scale/ Belt
Valentine Gifts Wholesale Halloween Gift http://www.chinawholesaletown.com/wholesale-Tie/ Muslim Products
Wholesale Ruler Valentine Gifts http://www.chinawholesaletown.com/wholesale-Hair-Products/ Crystal Gifts
Wholesale Coaster Wholesale Magnifier http://www.chinawholesaletown.com/wholesale-Camera/ Mirror
Wholesale Mug Wholesale Mat http://www.chinawholesaletown.com/wholesale-Shoes/ Toys
Wholesale Cup Wholesale First Aid Kit http://www.chinawholesaletown.com/wholesale-Safety/ Bottle Opener
Wholesale Pedometer Wholesale Bangle http://www.chinawholesaletown.com/wholesale-Gift-Box---Display/ Consumer Electronics
Wholesale iPod iPhone Muslim Products http://www.chinawholesaletown.com/wholesale-Pet-Supplies/ Helmet
Safety Products Patient Care Products http://www.chinawholesaletown.com/wholesale-Money-Bank/ Sport Support Products
Silicone Products Sport Items http://www.chinawholesaletown.com/wholesale-Lady-Beauty-Care/ Ashtray
Wholesale Tellurion Mouse Pad http://www.chinawholesaletown.com/wholesale-Scissors/ Thermometer
Wholesale TelePhone Wholesale Keyboard http://www.chinawholesaletown.com/wholesale-Speakers/ Binoculars
Wholesale Tie Wholesale Radio http://www.chinawholesaletown.com/wholesale-Candle/ Poncho Raincoat
Book Light Wholesale Glasses http://www.chinawholesaletown.com/wholesale-Bookmarks/ Silicone Products
Flash Gift Home Appliances http://www.chinawholesaletown.com/wholesale-Photo-Frame/ Halloween Gift
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
whatagenda 5th Jan
Do 'we' know exactly what a 'Security Feature Bypass, is?
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
vinilmaniacs 5th Jan
@whatagenda fix non original activation software wen the app shows "0" wen the os is used
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
windozefreak 5th Jan
Good for them!
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
Steve I. 5th Jan
SO glad I use Linux on all my machines.....
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
cmshepard 5th Jan
@Steve I.
Do you think Linux does not need security fixes?
Apple thought the same way.
Ignorant.
Check this website. http://www.reallylinux.com/docs/security.shtml
0 Votes
+ -
Well here's the dirty list
ScorpioBlue 5th Jan
https://help.ubuntu.com/community/Linuxvirus

@cmshepard

Most of these are years old and are longer a threat. You can count them on a couple of hands.

Now if there's something you know about that the good folks over at Canonical don't know, then please drop them a line. I'm sure they'll be glad to hear from ya.

wink
0 Votes
+ -
Linux security fixes
pfyearwood 5th Jan
@cmshepard Linux ships out security fixes as they become available, not once a month. At least the majors do.

Paul
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
The Rifleman Updated - 6th Jan
@Steve I.
I'd love to have just a once a month update cycle as a Linux User! The constant updates are extremely annoying and a detraction from getting my work done.

My group of patches yesterday was 51 in band changes including a Kernel of which, I have to manually choose at next boot and then have to edit GRUB to tell it to use it all the time. - And when the boot list of unused Kernel gets to annoying, I have to edit GRUB again and tell it not to display the Kernels I no longer need which!, is all of them! And one can boot from any of them so they occupy disk space and they're active! What's up wit that?!

I do like the thought of having the most current last Kernel as a safe boot option but hey Linux, GET RID OF THE UNUSED CRAP!!!!!

I MUCH PREFER PATCH TUESDAY to the excessively annoying Linux Patch EVERYDAY System!
0 Votes
+ -
Curious
m0o0o0o0o Updated - 6th Jan
@The Rifleman I had annoying issues with grub also, until I modified the header file to make the changes semi-permanent

gksudo gedit /etc/grub.d/00_header
sudo update-grub

hth
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
tmsbrdrs 6th Jan
@The Rifleman
Maybe you should switch distros. I get updates, plenty of them, but mine all install pretty much silently, in the background, while I continue my work.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
tmsbrdrs 6th Jan
@The Rifleman
Maybe you should switch distros. I get updates, plenty of them, but mine all install pretty much silently, in the background, while I continue my work.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
cmshepard 6th Jan
@Steve I. Standard reply to any criticism of Linux. Oh, those were old. So what?

OK, try this one.
https://threatpost.com/en_us/blogs/kernelorg-site-compromised-083111
There are many if you want to look for them. It does not matter if the break-in got anything useful, they managed to break in, and it took a long time to be discovered.
Microsoft does updates every week. That seems to me be a reasonable schedule. Unlike constantly, or monthly, or every six months.

Linux is just another operating system. A clone of Unix created by Torvalds so he did not have to pay for real Unix while he was studying Computer Science. Unix that runs on X86. I admit that was a tremendous accomplishment, but it is not immune from attack. Neither is Unix.

If you really want to help Linux take over the world, you might consider changing your attitude. It appears that Ubuntu developers are the only ones that understand what they must do to accomplish that goal, but most Linux afficianados are opposing the Unity GUI. Why? Because you hate Windows and Microsoft? Not smart, in my opinion. You are not being helpful.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
tom@... 6th Jan
@Steve I.
I would suggest you go read up on the fixes awaiting installation in your 'nix; there are a lot of them available. Why something with less than 1% market share is a target for these bottom feeders I don't know, but their IQ must about equate to yours.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
PollyProteus 6th Jan
@Steve I.

So... What, you have update notifications turned off in your Linux? I ask because at least once a week there are updates notifications for my Linux systems.

Just saying, don't be blowing your own horn, you might break your back bending over forward that far.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
WATKINS12@... 5th Jan
It would be nice if they fixed their hotmail service. In trying to file a problem report, I eventually wound up in a forum where 1000s of people have the same problem I have and many of those are months old.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
WATKINS12@... 5th Jan
It would be nice if they fixed their hotmail service. In trying to file a problem report, I eventually wound up in a forum where 1000s of people have the same problem I have and many of those are months old.
0 Votes
+ -
MS patch Tuesday
geum 5th Jan
Sort of gives you confidence that all is normal, dunnit?
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
brunnegd 5th Jan
So how old is Win XP? And there are still security holes? It is a good thing MS does not provide software on satellites. None of us would have satellite TV, radio, any satellite comms. What a joke.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
T-Wrench 5th Jan
To Toddybottom:
"The Windows vulnerabilities will apply to all versions of Microsoft???s flagship OS, including the newest Windows 7 and Windows Server 2008 R2."
Ah yes, windows, the Swiss cheese OS!
Now before you all start jumping down my throat, this is in reply to toddy-fauty's post yesterday about IOS 5.01!

I do use and like Win Vista and 7, but still use anti-virus as well as MSE on all my Win systems...

Thanks...
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
varick 6th Jan
@brunnegd yeah yeah yeah.....i still like XP thank you, and i am NOT going to use win 7 for you or anyone else. winfools can bite the big one on that. i stayed with win98 til i couldnt anymore.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
bobmattfran 5th Jan
Microsoft is a joke, I have an IT department spending hours sorting out a not fit for purpose OS called windows. Then IT department also use an IBM mainframe running MVS which is stable, does not suffer from security problems and is over 18 years old.
Microsoft pays to much attention in whiz bang presentation which consumes processor time and memory. Perhaps they need to look at implementing better standards instead of playing games.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
hopp64 5th Jan
@bobmattfran

Yeah sort out... Then switch to something else, or better yet, write your own, oh wait you forgot that ALL your software runs on Windows not on these other niche systems. MVS says it all, probably still running XP with IE6. Patch, test and move on quit your whining.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
The Rifleman 6th Jan
@bobmattfran
Who writes viruses for MVS anyway?!!! Are you nuts? Windows is Luke Skywalker's father and that is why it's under attack. Add to this the millions of lines of code of which, is bound to be errors that will cause places of exploit. Lets see you write an O.S. of this size and scope and make it 100% secure!!

I have Windows XP, Vista 64 Ultimate, and Windows 7 64 all installed and running. And thanks to good PAID Ant-Virus with built-in Mal-Ware protection. None of them has ever been down or attacked.

I am very familiar with Router Security and have it fully cranked up. I have also secured my Operating Systems with Fire-Wall Rules as well. - And for what? To stay productive and not having to pull a machine out of the fire. And yes! You can add rules to the Windows Fire-Wall to lock down your machine. The trouble is, nobody knows they can and so it doesn't get done!

Maintenance is the cost of ownership. Get with the program.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
swmace 6th Jan
@bobmattfran
If it takes your IT department hours to sort out Windows, the problem is with your IT department, not Windows. I work at a billion $/year corporation with more than 500 users and we have 4 people who support Windows and those people also handle other systems. I don't spend hours per week (much less per day) "sorting out" Windows.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
KarrasB Updated - 6th Jan
I got a new computer for Christmas, beautiful little machine with duel-core processor and 3g ram...quite an upgrade for a non-tech. Then the automatic downloads from Microsoft began. 53 one day, 5 the next 7 the next...today I had a page freeze using Chrome. I think this will continue to happen unless I use IE. I hate Microsoft with its invasive control-freak business model. If I could afford to go back to school I would take computer science but I can't so for now I live to buy an Apple and never see Microsoft again.
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
tmsbrdrs 6th Jan
@KarrasB

try out Linux. Look up www.ubuntu.com and follow the directions to try it out. you'll save your money and you'll fall back in love with that beautiful little machine you just got.
0 Votes
+ -
RE: Patch Tuesday
michael56555@... 6th Jan
@KarrasB
If you had bought a Mac that had been on the shelf awhile, you would have had just as many updates. The last Mac I bought for the office had a 750mg update the first week and a 350mg update the 2nd. Buy a Mac if you like, it is about as good as a properly configured Windows 7 pc. But don't think it will always "just work". Your Chrome issue was probably just that, a Chrome issue. In my view Firefox is a better browser and I have never had it freeze. You may want to try it.
~Mike
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
T-Wrench 6th Jan
@michael56555@... WOW! Really, a 750mg update. That's a lot smaller than a 750mb update, which is what I think you meant...
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
Greenman9 6th Jan
I think I'm gettin' a headache !! LOL
0 Votes
+ -
RE: Patch Tuesday heads-up: Windows security holes
garp54@... 7th Jan
to whom it may concern, yeah, Windows is great and Linux has tons of problems. I maintain Windows boxes for others and the problem isn't daily updates, it's daily security/virus/software update conflicts/ etc. Anyone who loves Windows, have at it, I'm fine with Linux having a small share of the market. I'm fine with Linux "not being popular enough to be targeted", I'm fine with it all. I've never had a Linux user call up in a panic and say "my computer's all screwed up, fix it!". Choice is great. Windows users make their choice and more power to them. There's no reason for a war, penguins aren't fighters. Rage on microsoft devotees. All the best to you.
Windows does amazing things, it is just not everyone's taste. Linux is an alternative that meets the needs of a lot of us. I still find it amazing that there is an OS that anyone can access, use, personalize and depend on, all gratis. Good on to all.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix