Microsoft has announced that on Tuesday it will release a total of nine bulletins to patch a wide range of serious vulnerabilities, including some that affect Mac users.
Microsoft has announced that on Tuesday it will release a total of nine bulletins to patch a wide range of serious vulnerabilities, including some that affect Mac users.In an advance notification, Microsoft confirmed that five of the bulletins have been given the company's highest severity rating, Critical, and could be exploited by hackers to execute malicious code on the victim's computer. Software affected by the vulnerabilities includes Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server, Microsoft BizTalk Server, .NET framework, and Client for Mac.
As always, no real information regarding the precise nature of these flaws has been made public at this point. However, that doesn't mean security vendors are in the dark regarding the nature of these vulnerabilities before their official announcement.
Sophos and many other security vendors are members of an initiative called the Microsoft Active Protections Program (MAPP). MAPP members receive security vulnerability information from Microsoft in advance of Microsoft's monthly security update.
That means we can provide update protection to our customers as early as possible, without details of the vulnerabilities potentially falling into the hands of hackers.
Even so, you would be wise to install Microsoft's security updates as soon as they become available. Ultimately, sealing the hole permanently is going to be a lot more secure approach than trying to stop everything that could come through it.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.
Read more about:
2009About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024