Jump to content

Microsoft patch reinforces the value of software upgrades


Recommended Posts

http://cdn.mos.techradar.com/art/TRBC/Abstract/Lock%20on%20keyboard%20button/iStock_000002900430Small-bluestocking-470-75.jpg

The latest of Microsoft's monthly patches, released on Tuesday, has reinforced the need for organisations to move on from older versions of software to avoid attacks.

The Microsoft Patch for December addressed 24 vulnerabilities with 11 security bulletins. The bulletins covered Windows, Office, Internet Explorer, Visual Studio and Sharepoint among other pieces of Microsoft software. Five of the bulletins held a critical rating, stressing the need to apply the patches as soon as possible.

MS13-096, one of the patches, fixes a vulnerability (already being exploited by attackers) in the GDI+ library for parsing TIFF image files. It affects older Microsoft software including Vista and Office 2003, 2007 and 2010. It has already been recorded as being used in attacks in the Middle East and Asia.

Among other problems addressed by the patch this month include malicious webpage attacks, script functionality and fake Authenticode algorithms.

Easy targets

Newer software, naturally, tends to have less vulnerability to these attacks than older software. Windows 8 has more security features than 7, and 7 more than Vista. "Even if you fully patched Windows XP you are running far more of a risk than with Windows 7" Qualys chief technology officer, Wolfgang Kandek, says.

Kandek notes as an example that there is a zero-day vulnerability in XP (not addressed in this month's patch) which exploits have already been crafted for. In this case, an infected PDF file can be sent to a user that, when opened, deposits code that grants an outside user administrative access.

Qualys estimates that 15% of businesses are still running Windows XP. Though its use is declining, it is doubtful that no companies will be on the OS by April 2014 when Microsoft stop issuing security patches. "After April, all these machines will be very easy targets," stresses Kandek.

In 2013 Microsoft has covered 330 vulnerabilities with 106 bulletins.

http://rss.feedsportal.com/c/669/f/415085/s/34beeb9a/sc/15/mf.gif


http://da.feedsportal.com/r/183026165095/u/49/f/415085/c/669/s/34beeb9a/sc/15/rc/1/rc.img
http://da.feedsportal.com/r/183026165095/u/49/f/415085/c/669/s/34beeb9a/sc/15/rc/2/rc.img
http://da.feedsportal.com/r/183026165095/u/49/f/415085/c/669/s/34beeb9a/sc/15/rc/3/rc.img

http://da.feedsportal.com/r/183026165095/u/49/f/415085/c/669/s/34beeb9a/a2.imghttp://pi.feedsportal.com/r/183026165095/u/49/f/415085/c/669/s/34beeb9a/a2t.imghttp://feeds.feedburner.com/~r/techradar/software-news/~4/iAxv56Vxk4M
Link to comment
Share on other sites

  • 6 years later...

In the event that you have chosen to sit for the affirmation test, by then it would be the best thought for you to start your strategies with , which are the most significant assessment material present on the web! These confusing things will help you in acing 70-705 exam dumps with no issue. The things have been made with a dream to give the test takers the most simple, sagacious, and very evident substance that needs no help.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...