News

Patch Tuesday To Bring Single Windows Fix

Microsoft appears to be starting the new year on a light note after issuing bulky security releases in the latter months of 2009.

The January patch will match the current month's numerical designation, containing just one security bulletin. This sole critical patch is a Windows-level fix and will affect every supported operating system -- even Windows 7. The vulnerability to be patched has remote code execution security implications.

Microsoft emphasized the critical nature of this patch, particularly for Windows 2000 users.

"Customers with Windows 2000 systems will want to review and deploy this update as soon as possible," said Microsoft spokesman Jerry Bryant in an e-mailed statement. Bryant pointed to Security Advisory 977544, which indicates that it is the bug-heavy Server Message Block that is targeted for patching.

"We are still working on an update for the issue at this time," he added. "We are not aware of any active attacks using the exploit code that was made public for this vulnerability and continue to encourage customers to follow the guidance in the advisory."

Meanwhile, the single patch may require a restart, according to Microsoft's advance announcement.

IT pros wanting to get a jump on nonsecurity releases on Windows Update, Microsoft Update Services and Windows Server Update Services can check this KnowledgeBase article to peruse the list.

According to one security observer, the single patch that Microsoft plans to issue on Tuesday will represent just a brief respite. IT security pros can be assured of more to come.

"Let's hope that IT admins can savor this unusually reduced patch release as they kickoff the New Year and use the time to prepare for the numerous updates and patches that are still yet to come," said Paul Henry, security and forensic analyst at Lumension. "[IT admins] must prepare in order to resolve the current SMB denial-of-service problems, the MySQL zero-day rumors and the Adobe PDF issue, to name a few. Keep in mind that patches for these issues are around the corner."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.

  • Microsoft Brings Copilot AI Into Viva Engage

    Microsoft 365 Copilot in Viva Engage is now generally available, extending Copilot's AI-powered assistant capabilities deeper into the Viva platform.