Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Discover 2019 News Cisco Partner Summit 2019 News Cisco Wi-Fi 6 Newsroom Dell Technologies Newsroom Hitachi Vantara Newsroom HP Reinvent Newsroom IBM Newsroom Ingram Micro ONE 2019 News The IoT Integrator Juniper NXTWORK 2019 News Lenovo Newsroom Lexmark Newsroom NetApp Data Fabric NetApp Insight 2019 News Cisco Live Newsroom HPE Zone Intel Tech Provider Zone

Microsoft To Issue 'Light' Four-Patch Update Tuesday

Microsoft plans to issue a light Patch Tuesday security update next week, giving highest priority to a critical remote code execution flaw in Vista and Windows 7.


In its impending July patch, Redmond is giving highest priority to a critical flaw in Windows Vista and Windows 7 that enables remote code execution, according to the Microsoft’s advanced notification bulletin, released Thursday. During remote code execution attacks, miscreants can exploit vulnerabilities remotely to distribute malicious code that takes complete control of affected PCs with little or no user intervention.

The remaining three bulletins, designated with the slightly less severe ranking of “important,” address security holes in Windows and Microsoft Office. One of the “important” updates will repair a flaw found in Visio 2003 SP3 that also allows hackers to execute remote code execution attacks. The other two bulletins plug security holes affecting Windows 7, Vista, XP and Server 2008, which could give intruders elevated user privileges if exploited.

Security experts say that Microsoft’s light July patch is consistent with the company’s pattern of alternating between heavy and light updates every month. The company released a massive Patch Tuesday bulletin in June , repairing a total of 24 vulnerabilities in 16 bulletins.

“Many companies will be able to take a breather this month as this is a relatively small release as compared to last month's 16 updates and is consistent with the cycle of smaller patches every other month,” said Amol Sarwate, vulnerability labs manager for Qualys, in an e-mail.

However, Paul Henry, security and forensic analyst at Lumension, warned that the Windows and Office patches would affect a significant swath of users and likely be cumbersome to install.

“While this Patch Tuesday may appear insignificant with just four patches, the reality is that it will be rather disruptive, as all the patches impact Windows and Office and require a restart,” he said.

Back to Top



sponsored resources