[ISN] Microsoft's April security patch

From: InfoSec News <alerts_at_private>
Date: Thu, 16 Apr 2009 00:08:01 -0500 (CDT)
http://gcn.com/articles/2009/04/15/microsoft-april-security-patch.aspx

By Jabulani Leffall
GCN.com
April 15, 2009

Microsoft has rolled out eight fixes in its monthly security release 
that addressing 23 vulnerabilities. The volume of security bulletins in 
the April patch marks this release as another historic Patch Tuesday 
event. Five items are deemed "critical" and two are labeled "important." 
Finally, Microsoft rounded out the slate with a "moderate" fix.

"Since Microsoft started providing exploitability information, this is 
the first time we've seen as many six vulnerabilities being exploited in 
the wild at the time the corresponding bulletins were released," said 
Don Leatham, director of solutions and strategy at Lumension. "This is 
definitely putting pressure on IT teams to get these patches tested in 
their environments and out to the endpoints in their organizations."

This month's security update touches on a wide array of Windows 
applications and services. Internet Explorer, Excel and Word get fixes 
this time.

Items associated with remote-code execution attacks by hackers get the 
critical status. The important fixes are designed to stave off two 
instances of elevation-of-privilege exploits. The moderate item is 
supposed to stop a denial-of-service attack.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Wed Apr 15 2009 - 22:08:01 PDT

This archive was generated by hypermail 2.2.0 : Wed Apr 15 2009 - 22:11:42 PDT