May Patch Tuesday coming up – Microsoft still not sure if latest 0-day fix will make the cut

A posting from Naked Security on patch Tuesday :  Microsoft’s Patch Tuesday for May 2013 will be published in the coming week.

It’ll be out on Tuesday 14 May 2013. (Wednesday 14 May for everywhere from about Malaysia eastwards.)

Here’s the elevator pitch:

  • 33 vulnerabilities identified and fixed.
  • Ten separate patches.
  • Eight rated Important. (Apply ASAP.)
  • Two rated Critical. (Apply immediately.)
  • A reboot is required.

Loosely translated, Microsoft’s interpretation of important means that an exploit against the vulnerability is likely to be found, but you’ll probably get some sort of warning, such as a pop-up dialog, if an attacker tries to use it.

On the other hand, critical means not just that a exploit is likely (or already known), but that it can be used silently – what’s known as a drive-by install – without popups or any other kind of warning.

The burning question about the May 2013 Patch Tuesday is this: will it fixCVE-​​2013-​​1347?

 

To read more click here: 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.