Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft to patch dangerous Outlook hack-by-preview bug next week

Gregg Keizer | Sept. 6, 2013
Sets Patch Tuesday plans with slate of 14 updates, including critical fixes to IE, Windows, Office and SharePoint

Both were notable to Storms.

"Microsoft is definitely clearing out the backlog, the crud, in Windows XP," Storms said, referring to the impending April 2014 end of support for the aged OS. "I think it shows the continued commitment to XP, up until the last possible day."

While some security professionals and industry analysts have argued that Microsoft may retreat from its line in the sand over XP patches, Storms has not been among them.

Bulletin 1, which impacts SharePoint, Office's collaboration platform, will also be important to patch pronto, some said today. "I believe Bulletin 1 is the most dangerous because it allows remote code execution on SharePoint servers," said Tommy Chin, a technical support engineer at CORE Security, in an email. "The data on a server is typically worth more than data on a workstation machine and it is fairly easy to discover SharePoint servers using Google."

Several of the 10 updates marked important will patch vulnerabilities that can be exploited remotely, including three involving Word, Excel and Access, the word processor, spreadsheet and database applications within the Office bundle.

"Almost every part of the Office suite will be patched," said Storms, only slightly exaggerating. "We haven't seen a heavy Office release like this in quite some time."

Microsoft will release next week's security updates on Sept. 10 around 1 p.m. ET.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.