Categories: PCSecurityWorkspace

Microsoft Issues First Security Patch Of 2010

Microsoft is kicking off the new year with a single Windows security bulletin.

The first Patch Tuesday release of 2010 will contain a fix rated “critical” for Windows 2000 users and low for others. According to Microsoft’s pre-Patch Tuesday notification, the bulletin addresses a remote code execution vulnerability, and the exploitability index – the rating system that predicts the likelihood of a successful exploit – is not high.

The single bulletin means that a fix for the SMB (Server Message Block) protocol vulnerability the company warned users about in November is not on the menu to be fixed by 12 January. According to Microsoft Security Program Manager Jerry Bryant, the company is still working on the issue.

“We are not aware of any active attacks using the exploit code that was made public for this vulnerability and continue to encourage customers to follow the guidance in the advisory which outlines best practices to help protect systems against attacks that originate outside of the enterprise perimeter,” Bryant wrote on the Microsoft Security Response Center blog.

Microsoft is also not releasing a patch for the IIS (Internet Information Services) problem reported in late December. According to Microsoft, the issue is not an actual vulnerability in IIS 6.0, but an inconsistency in how it handles semicolons that can only be exploited if IIS is configured in a vulnerable setting.

This month’s Patch Tuesday release is slated to be available at 1 pm EST, 12 January.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago