Microsoft is gearing up for a light Patch Tuesday this time around with no critical flaws. Instead, the company will be releasing 15 fixes for various vulnerabilities in Microsoft Windows, Office, and Server products as a part of the September Patch Tuesday.
Of the 15 patches, all of them are rated “important” and none of them are “critical.” Patches that are rated “important” are those that require “some kind of user-intervention to execute the malicious payload, such as tricking the user into visiting a malicious Website and downloading malware.”
The patches address elevation of privileged and remote code execution vulnerabilities and may require a restart of Windows. Two of the bulletins address both 32bit and 64bit of Windows XP, Server 2003, Server 2008, Server 2008 R2, Windows Vista, and Windows 7. Two other bulletins address Office 2003, Office 2007, Office 2010, Office 2004 (Mac), Office 2008 (Mac), Office 2011 (Mac), Office Groove, SharePoint Workspace 2010, and Excel Viewer. The final bulletin addresses SharePoint.
September’s Patch Tuesday may be a light one but many people will get a “false sense of security” and adopt an “attitude of complacency” towards vulnerabilities if patches are not rated as “critical”, at least that’s what a security researcher thinks.
Microsoft is schedule to release the September Patch Tuesday updates on September 13th.
Further reading: Microsoft, Patch Tuesday, Security
