Monday, 8 September 2014

Patch Tuesday Includes Another IE Update; Vuln Disclosures Up

Microsoft announced today that a relatively light patch load will be delivered on Patch Tuesday next week, along with some numbers showing that the public disclosure of vulnerabilities is still increasing.


Four security bulletins, one rated Critical, are scheduled to be released next Tuesday. In what is becoming customary for Patch Tuesday, administrators can expect another cumulative roll-up patch for Internet Explorer, addressing a series of remote code execution vulnerabilities in the browser.
The remaining three bulletins are all rated Important by Microsoft. One addresses a privilege-escalation bug in Windows 8 and 8.1 as well as Windows Server 2012 and RT. Another bulletin patches a .NET denial-of-service vulnerability in Windows Server 2003, 2008 and 2012, and in client-side operating systems back to Vista.

Another denial-of-service bug is due to be patched in Microsoft Lync, the company's collaboration and instant messaging software.

    "The number of patches expected next week does not mean you can take a pass on patching this month, though," warns Ernst Russ, director of product management at Lumension.

Last month, Microsoft released an IE update rollup that addressed 26 vulnerabilities, including one exploited in the wild. The news from last month's batch of bulletins, however, was a bad patch, MS14-045, which was republished after users complained of crashes and blue screens of death. The bulletin addressed vulnerabilities in kernel-mode drivers, and Microsoft blamed it for system crash issues.

Meanwhile, Microsoft pointed out in a separate announcement that public vulnerability disclosures are approaching the levels of the first half of 2012, and that more than 4,000 disclosures have been made annually since the beginning of 2011. That number is still well shy of the 7,000 disclosed over the period 2006-2007, Microsoft said.

In the second half of 2013, for example, disclosures across the whole industry increased by 6.5 percent from the beginning of the year, and were up 12.6 percent from the second half of 2012. The severity of the disclosures, however, is down. A little more than six percent of the bugs scored 9.9 or higher on the CVSS standard in the second half of 2013, down from almost 13 percent in the first six months of the year.

"Vulnerability complexity is an important factor to consider in determining the extent of the threat a vulnerability poses," Microsoft's Tim Rains wrote in the report. "A high-severity vulnerability that can be exploited only in rare and very specific circumstances may require less immediate attention than a lower-severity vulnerability that can be exploited more easily."

Disclosures of medium- and low-complexity bugs, which present the highest risk to users, far outnumber disclosures of high-complexity vulnerabilities, Microsoft said.

Disclosures in third-party applications such as media players, or web components such as Flash or Java, continue to thrive, up about 34.4 percent in the last half of 2013 and accounting for 58 percent of disclosures during that time frame. Disclosures of operating system vulnerabilities, meanwhile, were down 46 percent and represented 15 percent of all disclosures. Browser bugs, meanwhile, were also down by 28 percent and made up 10 percent of overall disclosures.

Disclosures for Microsoft products were also examined: 174 in the second half of 2013, an increase of 2 percent compared to the first six months. Microsoft disclosures account for 7 percent of disclosures overall, a slight decrease from the beginning of the year ....
