Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Microsoft Plans Few Security Fixes for September’s Patch Tuesday

Microsoft has a relatively light Patch Tuesday planned for next week with no critical patches.

According to the company’s pre-patch advisory, Microsoft plans to release five security updates rated ‘Important.’ The bulletins cover issues in Windows, Microsoft Office and Microsoft Server Software such as SharePoint Server and Office Groove Data Bridge Server.

Microsoft has a relatively light Patch Tuesday planned for next week with no critical patches.

According to the company’s pre-patch advisory, Microsoft plans to release five security updates rated ‘Important.’ The bulletins cover issues in Windows, Microsoft Office and Microsoft Server Software such as SharePoint Server and Office Groove Data Bridge Server.

Patch Tuesday September 2011Of the five bulletins, three address issues that could be exploited to remotely execute code. The other two can be used to escalate privileges.

“It’s easy for organizations to gain a false sense of security during a light patch month and sometimes an attitude of complacency towards non-critical vulnerabilities is evident, but while there are no “critical” bulletins this month, organizations should not downplay the vulnerabilities being addressed,” opined Marcus Carey, security researcher from Rapid7. “I know of organizations that have 30 day patch requirements for “critical” – which is too long in my opinion – and up to three months to patch “important” and below.”

Vulnerability Resource: Vulnerability Management Buyer’s Checklist: Key Questions to Ask

But it’s not just Microsoft that has patches planned. Adobe has some fixes of its own on the way. The company did not say much about what issues would be addressed, but that the updates would be for Adobe Reader and Acrobat versions X (10.1) and earlier for Windows and Macintosh.

Both sets of patches are slated to be available Tuesday, Sept. 13.

Related Resource: The Top 10 Reports for Managing Vulnerabilities

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.