Bink.nu Services

Subscribe to our feed 

 


Order Now!

Windows 7 for XP Professionals
Updating Support Skills from XP to Windows 7
by Bink.nu's Raymond Comvalius

Who is online

There are 58 guest(s) online.

There are 0 member(s) online.

Sponsors



Popular Tags

Archives

December 2009 Bulletin Release Advance Notification
Posted by Steven Bink December 4, 2009 8:41 AM with no comments
Filed under:

Advance Notification for the December 2009 Security Bulletin Release

For December we are planning to release six new security bulletins addressing 12 vulnerabilities in Windows, Internet Explorer (IE) and Microsoft Office products. Three of the bulletins have a maximum severity rating of Critical and three have a maximum severity rating of Important. To help customers plan for their deployment of these updates, I want to specifically call out that they touch all supported versions of Windows and IE. On the Office side, the bulletins impact Project, Word and Works 8.5. All of the updates for Windows will require a restart so please plan accordingly.

We want to make customers aware that we will be addressing the vulnerability discussed in Security Advisory 977981 in the IE bulletin on Tuesday. We know that customers are concerned about this issue and we are also aware that Proof of Concept (PoC) code is available publicly.

Here is a preview of the guidance we will be releasing with the bulletins on Tuesday: The IE update maps to bulletin number 4 in the ANS and will be at the top of our deployment priority list. The other critical update affecting Windows (bulletin number 1) will have a lower Exploitability Index rating, so while the impact is higher with a critical severity rating, the lower risk will drop the deployment priority down a little. The final critical update affecting Microsoft Project (bulletin number 3), is only critical for Project 2000. The other affected versions are important. That coupled with a lower Exploitability Index will also drive it down on the deployment priority list. Customers have asked us to map the numbered bulletins in the ANS to the final bulletin ID’s after release so we will be doing that in the blog post here on Tuesday.

We are targeting the release of these bulletins for next Tuesday Dec. 8 at 10:00 a.m. PST (UTC -8). We will post more guidance at that time both here on the MSRC blog and on the Security Research & Defense (SRD) blog. Our guidance will include risk and impact information, our deployment priority list and deeper technical information on the bulletins form the SRD team. Until then, please review the ANS page here.

 

The Microsoft Security Response Center (MSRC) December 2009 Bulletin Release Advance Notificatio
Send via e-mail | Submit to Digg | Add to Live Favorites
227756 Views

Comments

No Comments

About Steven Bink

Founder of Bink.nu
Powered By IIS 7 Powered by ASP.NET
Bink.nu 3.0. Copyright © 1999-2012 Steven Bink. All Rights Reserved.
Microsoft and Microsoft logo's are trademarks of Microsoft Corporation.