By Elinor Mills
October 12, 2010
In a record Patch Tuesday, Microsoft released updates today for Windows,
Internet Explorer, and the .NET framework that feature fixes for 49
holes, including one being exploited by the Stuxnet worm.
Microsoft recently fixed two of the four unpatched holes being used by
Stuxnet to spread to Windows-based machines. The malware ultimately
targets systems running software from Siemens that is used in critical
infrastructure operations. Today's release plugs one (MS10-073) of the
remaining two holes and the company said in a blog post that the final
hole will be addressed in an upcoming security bulletin.
Meanwhile, Microsoft provided a priority list for the 16 bulletins being
released, which fix 6 holes that are rated "critical." Four
vulnerabilities are singled out because there are likely to be exploits
developed for them, according to a Microsoft blog that assesses the
risks of the various vulnerabilities.
The first bulletin to be deployed should be the MS10-071, a hole in IE
6, 7, and 8 that could allow an attacker to take control of a computer
if a user browses to a malicious Web page. Second on the list should be
MS10-076, which affects Windows XP, Vista, Windows 7, and Windows Server
2003 and 2008.
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.