RealTime IT News

IT Staffs Deal With Latest Microsoft Patches

Hackers have and continue to feast on Microsoft applications—particularly Internet Explorer—and the software giant's monthly Patch Tuesday release has largely become just another mundane task for enterprise IT departments to complete as quickly and painlessly as possible.

But as eSecurity Planet reports, this month's fixes are both numerous and crucial to safeguard corporate IT networks from a bevy of online thieves looking to compromise Microsoft's less-than-ironclad applications to steal information for a variety of purposes.

The most significant of the three critical patches contains fixes for five privately disclosed security flaws in all versions of Internet Explorer (IE), including IE8 running on Windows clients, including Windows 7.

A second critical patch contains fixes for two dangerous security vulnerabilities in the way Windows decompresses media files.

The third critical patch provides a so-called "cumulative update" for ActiveX control "kill bits." Kill bits are used to disable certain ActiveX controls that have been identified as containing exploitable security holes.

Microsoft released fixes for three "critical" security holes in its June Patch Tuesday drop, but that was only part of the story.

While those three patches were the only ones that garnered Microsoft's (NASDAQ: MSFT) highest rating on its four-tier severity scale, that doesn't mean that IT administrators can relax.

"As part of our regular monthly security bulletin release cycle, we released 10 bulletins (patches) to address 34 total vulnerabilities in Windows, Microsoft Office (including SharePoint), Internet Explorer (IE), Internet Information Services (IIS), and the .NET Framework," Jerry Bryant, group manager for response communications, said in a post to the Microsoft Security Response Center blog.

Read the full story at eSecurity Planet:
Microsoft Fixes Three Critical Security Holes