Microsofts Patch Tuesday To Fix 40 Vulnerabilities Found By Information Security Researchers
Software products are susceptible to vulnerabilities. Vulnerabilities may be caused by programming errors. Again, software developers often assume that their products will be used under certain conditions. However, lack of awareness among users and non-adherence to secured IT practices may cause security breaches. Microsoft issues security patches for vulnerabilities on second Tuesday of every month. During the next security update, information security experts at Microsoft are expected to issue 17 bulletins that offer remedies for 40 vulnerabilities.
The latest security update is likely to fix the privilege elevation vulnerability caused by Stuxnet worm. The worm exploits flaws in the Windows Task Scheduler to gain additional privileges. Stuxnet has been in the news for attacks on industrial installations across the world. The security update is also likely to mitigate flaws related to the Protected Mode in Internet Explorer. Usually, computer security professionals use ethical hacking to detect vulnerabilities. Experts at Microsoft are likely to rate two bulletins as critical, 14 as important and 1 as moderate.
The security update from Microsoft is eagerly awaited by security administrators, Internet users and IT professionals all over the world. Ironically, hackers also await the security update from Microsoft as they reveal new vulnerabilities. Usually, there is a time lag between the security updates from software developers and their adherence by security administrators. Hackers take advantage of the delay by exploiting vulnerabilities in software products and programs. Some security experts have termed the phenomenon as Hack Wednesday, as hackers proactively exploit vulnerabilities. Most of the Internet users miss security patches due to lack of awareness on threats prevalent in the Internet environment, lack of technical knowledge, inability to identify the appropriate security patches for software products used by them.
Internet users may follow the Internet security tips provided on the sites of regulatory agencies, banks, online shopping sites and counter-crime agencies to strengthen their IT security infrastructure.
The latest security update is likely to fix the privilege elevation vulnerability caused by Stuxnet worm. The worm exploits flaws in the Windows Task Scheduler to gain additional privileges. Stuxnet has been in the news for attacks on industrial installations across the world. The security update is also likely to mitigate flaws related to the Protected Mode in Internet Explorer. Usually, computer security professionals use ethical hacking to detect vulnerabilities. Experts at Microsoft are likely to rate two bulletins as critical, 14 as important and 1 as moderate.
The security update from Microsoft is eagerly awaited by security administrators, Internet users and IT professionals all over the world. Ironically, hackers also await the security update from Microsoft as they reveal new vulnerabilities. Usually, there is a time lag between the security updates from software developers and their adherence by security administrators. Hackers take advantage of the delay by exploiting vulnerabilities in software products and programs. Some security experts have termed the phenomenon as Hack Wednesday, as hackers proactively exploit vulnerabilities. Most of the Internet users miss security patches due to lack of awareness on threats prevalent in the Internet environment, lack of technical knowledge, inability to identify the appropriate security patches for software products used by them.
Internet users may follow the Internet security tips provided on the sites of regulatory agencies, banks, online shopping sites and counter-crime agencies to strengthen their IT security infrastructure.
Source...