Language Selection

English French German Italian Portuguese Spanish

Eight new patches from Microsoft

Filed under
Microsoft
Security

Microsoft will release eight Patches For Windows, Office, Exchange, and MSN Messenger, at least half of which will be marked "critical."

The Patches will hit on the same day that Microsoft turns off its automatic blocking of Windows XP Service Pack 2 (SP2), which many companies applied last year when the OS revision released.

According to information posted on Microsoft's Security Bulletin Advance Notification website, five of the eight fixes will be For Windows, and one each For Office, Exchange, and MSN Messenger.

Microsoft doesn't hand out details of its upcoming Patches when it makes monthly pre-announcements, so the exact nature of the fixes are unknown. The Common Vulnerabilities and Exposures (CVE) database, however, lists a pair of unresolved Office vulnerabilities -- one with InfoPath, the other relating to bypassing policies that limit access to hidden drives by browsing from Office applications -- and one unpatched Exchange issue.

Third-party security firms give other hints of the upcoming patches, although most play it close to the chest. eEye Digital Security, For instance, is a frequent discoverer of Microsoft Windows vulnerabilities, but doesn't disclose details until Patches are made public. It does, however, tally the number of vulnerabilities it's found that have not yet been fixed, and marks the number of days since it provided that information to the vendor.

eEye currently lists two vulnerabilities in Windows that it's tagged as "high severity." One was given to Microsoft on 16 March, the second on 29 March.

Microsoft also said that it would continue the practice of updating its Windows Malicious Software Removal Tool by releasing a new version. Two other high-priority updates For Windows will also be posted to the Windows Update site, said Microsoft, although these are not security related.

Source.

More in Tux Machines

KTextEditorPreviewPlugin Reaches 0.1.0 and a Quick Look (Screenshots) at KDE Plasma 5.11

  • KTextEditorPreviewPlugin 0.1.0
    The KTextEditorPreviewPlugin software provides the KTextEditor Document Preview Plugin, a plugin for the editor Kate, the IDE KDevelop, or other software using the KTextEditor framework. The plugin enables a live preview of the currently edited text document in the final format. For the display it uses the KParts plugin which is currently selected as the preferred one for the MIME type of the document. If there is no matching KParts plugin, no preview is possible.
  • Quick Look at KDE Plasma 5.11
    KDE released Plasma 5.11 beta version at 14 September 2017. The new star feature here is Plasma Vault, an ability to protect your folder with password. You can try it on the latest KDE neon before the Plasma finally released next October. Here is a quick look to the new things on KDE Plasma on neon dev-unstable.

Antergos 17.9 Gnome - Ghost riders in the Tux

Antergos 17.9 is a weird distro, full of polarities. It comes with a weak live session, and it does not really demo what it can do. The installer is good, robust, and if offers some neat tricks, including extra software and proprietary graphics driver. I'm really impressed by that. The installed system behaved reasonably, but with some oddities. Hardware support isn't the best, most notably touchpad and what happened after waking from suspend. On the other hand, you get good smartphone and media support, a colorful and practical software selection, a moderately reasonable package manager with some tiny dependency hiccups, pretty looks, okay performance, and nowhere does it advertise its Archness. Much better than I expected, not as good as it should be. Well, taking everything into consideration, I guess it deserves something like 7.5/10. Antergos needs a livelier live session, more hardware love out of the box, and a handful of small tweaks around desktop usability. Shouldn't be too hard to nail. Worth watching. Read more

LibreELEC (Krypton) v8.1.2 BETA

This is the third beta for our 8.2 release. It addresses minor findings related to the Samba bump: we now detect and avoid invalid Samba v3 configurations, old samba.conf.sample templates are overwritten with the new v4 template, and remote SMB shares are mounted using SMB2 or where possible SMB3. The release also adds support for the Raspberry Pi IQAudIO Digi+ board and a Xiaomi BT remote, and includes security fixes for the Blueborne Linux/BlueZ vulnerability. This is hopefully the final 8.1.x beta release; next will be 8.2.0. Read more

Android Leftovers