Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Microsoft Plans Few Security Fixes for September’s Patch Tuesday

Microsoft has a relatively light Patch Tuesday planned for next week with no critical patches.

According to the company’s pre-patch advisory, Microsoft plans to release five security updates rated ‘Important.’ The bulletins cover issues in Windows, Microsoft Office and Microsoft Server Software such as SharePoint Server and Office Groove Data Bridge Server.

Microsoft has a relatively light Patch Tuesday planned for next week with no critical patches.

According to the company’s pre-patch advisory, Microsoft plans to release five security updates rated ‘Important.’ The bulletins cover issues in Windows, Microsoft Office and Microsoft Server Software such as SharePoint Server and Office Groove Data Bridge Server.

Patch Tuesday September 2011Of the five bulletins, three address issues that could be exploited to remotely execute code. The other two can be used to escalate privileges.

“It’s easy for organizations to gain a false sense of security during a light patch month and sometimes an attitude of complacency towards non-critical vulnerabilities is evident, but while there are no “critical” bulletins this month, organizations should not downplay the vulnerabilities being addressed,” opined Marcus Carey, security researcher from Rapid7. “I know of organizations that have 30 day patch requirements for “critical” – which is too long in my opinion – and up to three months to patch “important” and below.”

Vulnerability Resource: Vulnerability Management Buyer’s Checklist: Key Questions to Ask

But it’s not just Microsoft that has patches planned. Adobe has some fixes of its own on the way. The company did not say much about what issues would be addressed, but that the updates would be for Adobe Reader and Acrobat versions X (10.1) and earlier for Windows and Macintosh.

Both sets of patches are slated to be available Tuesday, Sept. 13.

Related Resource: The Top 10 Reports for Managing Vulnerabilities

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.