Seven Bulletins Planned for October Patch Tuesday

After a very light Patch Tuesday in September, Microsoft returns to more typical patch levels this month. According to their October advanced notification, Microsoft plans to release seven security bulletins next week, fixing around 20 vulnerabilities in some of their most popular products. The affect products include Windows, Office, SQL Server, Microsoft Server Software, and a few other products. Microsoft only rated one of the bulletins as Critical, and the rest as Important.

Despite the return to more typical patch numbers, next Tuesday’s Patch Day doesn’t appear too substantial. With only one Office update rated Critical, this upcoming Patch Day seems less severe than many we’ve had in the past. That said, remote attackers will probably be able to leverage that critical Office issue to execute code on your computer. So it’s still important that you download, test and deploy next week’s updates as quickly as you can.

Also, don’t forget Microsoft’s planned certificate handling update. As I mentioned in previous posts, Microsoft plans to push an update that forces Windows computers to only accepts 1024 bit (and higher) RSA certificates. Be sure you’ve checked the certificates in your PKI infrastructure before next Tuesday.

I’ll release a more details about Microsoft’s updates next week. Stay tuned! — Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

Trackbacks/Pingbacks

  1. WatchGuard Security Week in Review: Episode 36 – White House Hack | WatchGuard Security Center - October 5, 2012

    [...] Microsoft October Patch Day Notification – WGSC [...]

  2. WatchGuard Security Week in Review: Episode 36 – White House Hack « microreksa - October 7, 2012

    [...] Microsoft October Patch Day Notification – WGSC [...]

  3. Microsoft Black Tuesday: Office, Windows, and SQL Server Updates | WatchGuard Security Center - October 9, 2012

    [...] promised, Microsoft released seven bulletins fixing vulnerabilities in several of their products. The [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 7,706 other followers

%d bloggers like this: