Greg Lambert

About the Author Greg Lambert

IDG Contributor Network: Critical updates for Microsoft Office for October Patch Tuesday

This is an unusual October Patch Tuesday release from Microsoft. Normally, we would see a number of urgent critical updates from Microsoft for severe, massively damaging exploits in either Adobe Flash Player or several less severe but still urgent issues in both of Microsoft’s browsers. This month is different. No Adobe Flash Player updates. I repeat, no Flash updates. And no urgent browser updates, either.

For this October Patch Tuesday, Microsoft Office has the highest, most serious rating with a publicly reported and already exploited vulnerability in the Word automation component. In addition, Microsoft has released a number of security advisories for Windows 10. The most serious (ADV170012) relates to “a security vulnerability [which] exists in certain Trusted Platform Module (TPM) chipsets.” With a relatively high CVSS score of 7.3, this firmware update requires some attention. You can also find a helpful infographic from Chris Goettl’s blog here.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

IDG Contributor Network: September Patch Tuesday brings critical updates for Window, Edge and .NET

September brings a relatively large patch profile for Microsoft with 76 reported vulnerabilities, three public disclosures (thank you, Google) and unfortunately one zero day exploit. You used to be worried about browsers and Flash, now we have a publicly exploited vulnerability for augmented reality (AR) with a fix for Microsoft’s HoloLens headset.

For this September Patch Tuesday, Microsoft is only shipping security updates with patches to the following product groups:

Read more 0 Comments