Microsoft has released Security Bulletins for January 2013. This is the first “Patch Tuesday” of 2013 and as we do every month, bringing you details of the security bulletins that get released, along with details of how you should deploy the security bulletins. For Patch Tuesday of January 2013, Microsoft has released seven security bulletins. Out of the seven bulletins, two are rated critical, the maximum severity rating, the rest five bulletins are rated as important, which is the next highest possible severity rating. Six of the seven security bulletins fix issues in Windows operating system, two security bulletins fix issues in the .Net Framework and Microsoft Server Software, and the one left fixes issues in Microsoft Office and Developer Tools.
Microsoft has released December 2012’s Patch Tuesday. The year end’s Patch Tuesday has seven security bulletins that fixes vulnerabilities in various Microsoft products. Out of the seven security bulletins, five are rated critical, which is the maximum severity rating by Microsoft. The rest two bulletins are rated as important on the severity rating scale. The seven security bulletins of this month’s Patch Tuesday addresses 12 vulnerabilities in Microsoft Windows, Microsoft Office and Windows Server.
Windows RT will also be updated through two different updates (KB2753842, KB2779030), both of them being rated as “critical” in the severity scale. The updates for Windows RT brings improvements to Microsoft Surface which includes increased WiFi reliability, improved connectivity. Performance improvements includes support for access point names that use non standard ASCII characters. The update also reduces scenarios which resulted in limited WiFi connectivity.
For this month’s (October 2012) Patch Tuesday, Microsoft has released a total of seven patches to fix one critical and six important issues found in Windows, Office and some of its other products. If you have set Windows to automatically receive updates, Windows Update must have automatically installed the recommended updates.
“MS12-064 (Microsoft Word): This security update resolves two issues in Microsoft Office. This bulletin has a severity rating of Critical and can result in remote code execution. Only one of the two issues addressed by this bulletin is rated Critical, but in that case, an attacker could run code in the context of the logged-on user if they were to open a specially crafted Rich Text Format (RTF) file or previews or open a specially crafted RTF email message,” a Microsoft statement reads.
Apple has released carrier settings update 13.1 for iPhone 5 owners who are on America’s Verizon Wireless network. The update is released for iPhone 5 owners to fix WiFi bug. The patch is delivered to all Verizon Wireless network iPhone 5 users over the air (OTA). If you are a Verizon iPhone 5 customer, you may have already noticed an issue wherein your iPhone used up your cellular data when theoretically its connected to a WiFi network. You all have two great news, first, the OTA software from Apple, which fixes the WiFi bug. Second, you won’t be charged for unintended network overage which is related to the issue.
Summarizing about the update, Apple says, “An important new carrier settings update is now available for iPhone 5 on the Verizon Wireless network. This carrier settings update resolves an issue in which, under certain circumstances, iPhone 5 may use Verizon cellular data while the phone is connected to a WiFi network.”
Microsoft originally introduced desktop gadgets in Windows Vista operating system and continued supporting them in Windows 7 operating system. As the release of Windows 8 final version is coming near, there were reports that indicate that Microsoft will remove desktop gadgets from Windows 8 operating system. Microsoft has confirmed that it will deprecate Gadgets and Sidebar in Windows 8. Now, it seems Microsoft has a good reason for removing desktop gadgets from Windows 8.
Along with this month’s Patch Tuesday, a security advisory is released for Windows Vista and Windows 7 operating system. The security advisory is about vulnerabilities in desktop gadgets that could allow Remote Code Execution.
Windows users knows the importance of keeping their Windows operating system up-to-date. After-all, Windows has security issues, errors, or bugs that are regularly addressed by Microsoft every month through Patch Tuesday. Occasionally the operating system also receives new features through these updates. But, the operating system is not only the weak point for malicious users and hackers to enter your computer system.
Today, malicious programmers have shifted their focus on third-party applications such as Adobe Flash and Java. The reason for shifting their focus on third-party applications from the operating system is most users seldom update their third-party software. It is the truth, and you all will agree with me. After all, have you every checked all your installed apps to see if they are up-to-date? The main problem lies in the way Windows software is delivered to end-users. Microsoft doesn’t have any control over third-party apps so they don’t offer updates for them through Windows Update.
Microsoft has wheeled out the security patches for May, 2012’s Patch Tuesday. The Patch Tuesday for May 2012 covers 7 security bulletins to fix at least 23 documented vulnerabilities found in Microsoft Windows, Microsoft Office, .NET Framework and Silverlight.
Out of the seven bulletins, three are rated as “critical” because of the risk of remote code execution attacks, and the rest of the four bulletins are rated as “important“, as they will cover vulnerabilities that can cause code execution of privilege escalation attacks.
Apple has officially released Flashback Trojan Removal Tool that targets OS X Lion 10.7 users.
The Cupertino software giant has recommended all Mac users, who do not have Java installed on their OS X Lion, to run the standalone removal tool. Functionality of the tool is identical to that which is performed by the most recent Java update.
A technical note about the utility on Apple’s Support site states that “If the Flashback malware is found, a dialog will be presented notifying the user that malware was removed.” Further, it states that “In some cases, the Flashback malware removal tool may need to restart your computer in order to completely remove the Flashback malware.”
Apple’s Mac platform is always promoted as one of the safest platform than the competition. But the scenario is changing soon as Macs market share is growing. With its growth, the platform is now becoming a target just like its competition.
According to two independent security companies, Dr. Web and Kaspersky, an estimated 600,000 Mac computers worldwide are infected by the Flashback Trojan. Most infected Macs are based in the United States (around 55%), Canada (around 20%) and the UK (around 13%). The trojan is designed to steal personal information and disguises itself as the popular Adobe Flash browser plug-in.
Microsoft is planning to issue eight security bulletins which will fix 23 vulnerabilities in October’s Patch Tuesday. The software giant revealed the information through an advanced notification on Thursday.
The eight security bulletins will fix various problems in Windows operating system, Internet Explorer, Microsoft Silverlight, .NET Framework, and others. Two of the security bulletins are rated critical and will fix vulnerabilities in the .NET framework, Silverlight, Internet Explorer and Windows OS. The critical Internet Explorer flaw affects all supported versions of IE on all supported versions of Windows. The other six bulletins are rated as Important. Six of the bulletins will address Remote Code Execution problem, one fixes Elevation of privilege in Microsoft Windows and the other one fixes a Denial of Service problem in Microsoft Host Integration Server. Almost all the patches requires a system restart.