I.T. admins can breathe a sigh of relief this month -- at least on the Microsoft front. While new Storm worm attacks and Skype viruses make their way across the Internet, Microsoft's September Patch Tuesday is a breath of fresh air compared to the past few months.
Five sets of patches were originally slated, but the number of security bulletins shrank to four late Friday. Of those four, one is rated critical. The critical patch, which will require a restart, fixes a bug that could allow an attacker to take control of the victim's computer from a remote location.
Another security bulletin describes a vulnerability in Windows Services for Unix and the subsystem for Unix-based applications. The patch to fix this bug is rated important and will require a restart.
The second important patch affects Microsoft Visual Studio. This update will not require a restart. The third important bulletin affects MSN Messenger and Windows Live Messenger. These products provide built-in mechanisms for automatic detection and deployment of updates, and will not require a restart.
A Little More Breathing Room
Paul Zimski, senior director of market and product strategy for PatchLink, said September's Patch Tuesday might be a reprieve from this year's series of heavy patch releases. But he also said that any vulnerability that lends itself to remote code execution should prompt I.T. administrators to identify which parts of their network are affected and to apply those patches first.
"The challenge for I.T. administrators this month won't be a matter of dealing with enterprise patch deployments, but rather how to find the affected systems in their environment that are exposed to these threats," Zimski said, noting that the relatively light Patch Tuesday should provide I.T. admins some breathing room for doing other things.
"If the Windows Messenger vulnerability lends itself to a chat-based attack vector, then organizations and users of the ubiquitous Microsoft Messenger should pay attention, because this would be a prime candidate for spreading malware and viruses," Zimski said.
Unpatched SharePoint Bug
The fifth patch, the one Microsoft canceled, would have addressed a flaw in Windows SharePoint Services 3.0 on Windows Server 2003 and SharePoint 2007. SharePoint is one of Microsoft's collaborative Web portals. It is a free component of Windows Server.
The important patch for SharePoint would have fixed a vulnerability that allows attackers to enjoy elevated privileges on compromised systems. That means attackers could gain access to data that would otherwise be protected under normal settings. Microsoft did not disclose when it would release the SharePoint patch.