You are here: silicon.com > Software > Security Strategy

Security Strategy

Microsoft primes DNS fix for Patch Tuesday

And a hole lot more...

Tags: hole, patch, microsoft

By Joris Evers

Published: 4 May 2007 08:59 GMT

Microsoft is planning to release seven security bulletins on Tuesday, including a fix for a zero-day flaw in Windows that is already being used in cyber attacks.

The bulletins, part of Microsoft's monthly patch cycle, are slated to provide fixes for an undisclosed number of security vulnerabilities in Windows, Office, Exchange and BizTalk, Microsoft said on its website. The issue affecting BizTalk also relates to 'Capicom', a developer component to add cryptography to applications.

Each of the four product families is scheduled to get at least one "critical" update, Microsoft's highest severity rating, the company said. Microsoft plans to release two bulletins related to issues in Windows and three related to Office, with one remaining for both Exchange and BizTalk, it said.

Security issues tagged as critical typically could allow an attacker to gain full control of an affected system with very little, if any, action by the user.

Microsoft's updates will include a patch for a vulnerability in the Windows domain name system, or DNS. The security vulnerability affects Windows 2000 Server and Windows Server 2003. Microsoft warned of the problem last month and has said it was being used in "limited" attacks.

Some of the planned Office patches are likely to deal with vulnerabilities in the software that have been disclosed and have been waiting for fixes.

Microsoft gave no further information on the upcoming alerts, other than to state that some of the fixes may require restarting the computer or server.

Last month, Microsoft released six security bulletins. Shortly after it released the fixes, several new Office zero-day bugs and the Windows DNS bug hit. Some security watchers have come to call this phenomenon "zero-day Wednesday".

Joris Evers writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


  • Jobs
Web Applications Vulnerability Tester

You will conduct regular penetration tests using a variety of manual methods and specialist tools to find vulnerabilities and exploits and fix them. ...

Oracle DBA - Database Administrator-Leeds

Assists in the design, coding, testing and implementation of databases, ensuring the latest patches and hot fixes are installed in accordance with ...

Windows, .NET Implementation Support Engineer

installation, upgrade, issue resolution Review and testing of bug fixes prior to them being incorporated into a released for the client Acting as the ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: