The latest Microsoft Patch Tuesday has been welcomed with internet shopping at its prime.
Andrew Clarke, senior vice president international at Lumension Security, claimed that as the Christmas season approaches, shopping online increases, which places additional pressure on IT administrators to protect their networks.
Clarke said: “Microsoft is planning to release a total of eight security bulletins this month, six of which deemed ‘critical' and the other two rated as ‘important'. One of the fixes involves eight-month-old privilege escalation vulnerability in XP, Vista, 2003 and 2008 that has exploit code reportedly available in the wild.
“Used in combination with a vulnerability that could allow remote code execution, this breach could effectively allow criminals to run exploits at a higher level of privilege, potentially making this a much more serious issue.
“Four critical updates, Windows 1 and 2, Microsoft Word and Excel bulletins, four key pieces of software and major applications used within the enterprise, will require reboots to their systems and servers, adding a degree of complexity and disruption to network productivity.”
With a heavy load of patches this month, Clarke claimed that the company recommends IT professionals prioritise Windows 1, 2 and the IE update, as this group of patches will require system and server reboots and affects all common Microsoft platforms and browser versions.
He said: “While it may be tempting to avoid restarting servers and systems especially during this busy time of year, it is imperative that all IT professionals pay particular attention to the critical updates and patch as quickly as business conditions permit.
“Windows 1 affects all shipping versions of Windows platform while Windows 2 affects only Windows Vista and Windows Server 2008. Critical updates to Internet Explorer will also be interesting to watch as they affect all commonly deployed versions of IE, including IE 7.”