back to article Microsoft puts Patch Tuesday on a diet, fixes Office flaw

Microsoft is planning a light October edition of its regular Patch Tuesday updates next week that focuses on Office flaws and features just one critical patch. The critical bulletin features a vulnerability in Microsoft Office 2003, 2007, and 2010 as well as Word Viewer and Microsoft Office Web Apps. Office for Mac is not …

COMMENTS

This topic is closed for new posts.
  1. Ken Hagan Gold badge

    No public exploits, yet

    "It should be a relief to many that none of the bulletins requires immediate attention, as none of them address vulnerabilities being exploited in the wild; all were privately reported vulnerabilities. This means that there isn’t any publicly known exploit code for this month’s bulletin cycle."

    Well, not until Wednesday, by which time the black hats will have reverse engineered the patches. But I suppose if sys admins are going to lose sleep over the certificate change, it is probably fortunate that there aren't too many other crises in play.

  2. Anonymous Coward
    Anonymous Coward

    Patching in perspective

    The latest US-CERT Vulnerability Summary (http://www.us-cert.gov/cas/bulletins/SB12-275.html) for the _week_ of September 24 contains over 100 vulnerabilities including:

    Google – 24 vulnerabilities

    Cisco - 10 vulnerabilities

    IBM - 10 vulnerabilities

    HP - 6 vulnerabilities

    Microsoft - 4 vulnerabilities

    Plus vulnerabilities for Apache, Adobe, EMC, McAfee, Oracle, Phpb2b, Phpmyadmin, Rsyslog, Siemens, TrendMicro and Ubuntu.

    Most Microsoft and Google Chrome users will probably actually get these updates. How true is this of the rest I wonder?

This topic is closed for new posts.

Other stories you might like