Microsoft previews a quiet May Patch Tuesday
By Miya Knights,
Microsoft has issued its Patch Tuesday preview, warning of four security updates next week.
Three of the patches are rated 'critical,' and relate to patching Windows, Word, Publisher as well as all of the vendor's anti-malware applications.
It's thought the critical patches will address vulnerabilities in Microsoft's word processor and desktop publishing software, while the third will likely address a bug that's existed in Microsoft's Jet Database Engine that can be traced back to 2005.
Microsoft itself only acknowledged they were critical bugs affecting the Windows component that provides data access to applications such as Microsoft Access and Visual Basic on 22 March. In a security advisory it said it had heard "public reports of very limited, targeted attacks" using Word documents to trigger the Jet Database bug, but later admitted it had not patched it sooner because it thought it already blocked the most obvious attack vectors.
In a Microsoft Security Response Centre (MSRC) blog posting, group operations manager, Mike Reavey said it might replace the version of Jet in Windows 2000, XP and Server 2003 SP1 to fix the flaws. But the Jet Database Engine included in Windows Vista, Windows Server 2003 SP2 and the just-released Windows XP SP3 is not vulnerable.
The pre-patch notice confirmed that the database update will replace Jet in Windows 2000, XP SP2 and Server 2003 SP1.
The only non-critical patch Microsoft said it would release will fix flaws in its anti-malware consumer and enterprise products. Microsoft called the flaw a "denial-of-service issue" in Antigen, Forefront Security, Windows Live OneCare and Windows Defender.
The security updates will replace the pre-patch notice next Tuesday 13 May around 1pm Eastern time (6pm BST).
Related Tags
advertisement
Latest Security Features
NHS IT - something to celebrate?
To mark the 60th anniversary of the NHS, IT PRO examines the massive IT overhaul at the health services giant.
- Q&A – Tom Ilube, head of Garlik
- Ten of the most infamous ‘black hat’ hackers
- USB Flash Disks: A modern day business curse?
- Creating a mobile data management policy
- Behind the scenes: Symantec's malware battle
- The rise of storage security
- Google Mail Security
- Demand for tougher data breach legislation
- An Audience with Bill Gates
Latest Security Reviews
Finjan Vital Security Web Appliance NG-6000S
Rating: 
- LogLogic MX2010
- Exclusive: WatchGuard Firebox Core X750e
- Sophos ES4000 Security Appliance
- Microsoft Forefront Security for Exchange and SharePoint
- EXCLUSIVE: Juniper Networks SSG 550 UTM appliance
- EXCLUSIVE: Arbor Networks Peakflow X 3.7
- EXCLUSIVE: Check Point UTM-1 1050
- EXCLUSIVE: Finjan Vital Security NG-5100
- EXCLUSIVE: Astaro Security Gateway 120 Appliance
advertisement
Latest News Videos in Security
Video: Q&A with Richard Archdeacon, Symantec
PlayIT PRO speaks to Richard Archdeacon, director, global services, at the information security software vendor Symantec.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?