Only one patch due in Microsoft's monthly security fix
September is starting to look like a quiet month for Microsoft 's security response team. The software vendor said Thursday that its monthly release of security fixes, expected next Tuesday, will cover only one issue: an unidentified flaw in the Windows operating system. The bug is rated as critical, meaning that a worm could take advantage of it without user action. The patch for this bug, called an "update" by Microsoft, will come as part of the company's regular monthly patch release cycle. Microsoft releases most software patches on the second Tuesday of each month, a date that has come to be known as "Patch Tuesday" by security professionals. In August, Microsoft released six updates on Patch Tuesday, and hackers wasted no time in targeting one of the problems they fixed. Within days, a number of different worm attacks that exploited a bug in the Windows Plug and Play service began taking down an estimated 250,000 computers, primarily Windows 2000 systems being run in corporate environments. When a large number of patches get released, companies can spend the entire month testing the new software to make sure it works with their existing applications, but with only one bug to be patched this month, things should be much easier, said Steve Manzuik, a product manager with eEye Digital Security's research group. "I think September will be quiet," Manzuik said. "When we get the six, seven, eight or nine patches, it gets to be a bit more difficult."
Reproduced from an article published by Network World
© Network World
The original article can be viewed here:
http://www.networkworld.com/news/2005/090805-microsoft-patch.html
Permalink Bookmark Digg this story
