Microsoft issued a single security bulletin that addressed just one vulnerability on Tuesday. However, Microsoft rated the vulnerability as critical. Meanwhile, Oracle and Adobe put out patches of their own, making it a busy week for IT administrators.
“The lone Microsoft vulnerability affects everything from Windows 2000 to Windows 7, but is only rated critical for Windows 2000,” said Ben Greenbaum, senior research manager for Symantec Security Response. “From XP SP2 onward, Microsoft hardened heap memory with heap memory protection strategies; this makes the vulnerability less of an issue for the later systems.”
A Belated Christmas Gift
With only one bulletin, Microsoft is bringing a belated Christmas present to all IT admins in the form of the lightest Patch Tuesday we’ve seen in years, said Paul Henry, Lumension security and forensic analyst.
“Let’s hope that IT admins can savor this unusually reduced patch release as they kick off the new year and use the time to prepare for the numerous updates and patches that are being released this month from other vendors, including Adobe and Oracle,” Henry said.
“We also can’t forget the patches yet to come to resolve the current SMB denial-of-service problems, the MySQL zero-day rumors, the Adobe PDF issue, and the Apple zero-day that has recently had proof-of-concept code released in to the wild. Just because these flaws aren’t being addressed with the first patch bulletin of the year doesn’t mean that IT admins should not keep a close eye out for them in the near future.”
Microsoft’s Missing Patch
This is a very light Patch Tuesday from Microsoft and IT security teams should be taking advantage of the situation to address housekeeping items, according to Andrews Storms, director of security operations at nCircle. He suggested IT admins take the time this month to find every out-of-date Microsoft system and…
Buy This Item: [Click here to buy this item]