|09 Sep 2011||#1|
| || |
Patch Tuesday arrives early, apparently by mistake
Microsoft’s security infrastructure normally operates on a schedule that a Swiss stationmaster would admire. This month the train jumped the rails.
Yesterday, as usual, the Microsoft Security TechCenter published its Advance Notification for September 2011. The post is a heads-up for IT professionals that next Tuesday’s monthly security updates will include five bulletins.
Today, someone jumped the gun and posted the details of those bulletins four days early.
Johannes Ulrich of the Internet Storm Center flagged the details of four of those patches in a post this morning. For a few minutes, the links on that page were live, although Microsoft appears to have quickly hit the Unpublish button. Larry Seltzer of PCMag.com Security Watch identified the fifth bulletin.
This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user received a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.That link now returns a Page Not Found error.
The premature release is a major gaffe for Microsoft and could cause headaches for security professionals. The appearance of the security bulletin, which includes details about the vulnerabilities being fixed, is the starting gun of a race between bad guys trying to build exploits and IT pros scheduling patches to be applied on desktops and servers.
This month's Patch Tuesday arrives early, apparently by mistake | ZDNet
Microsoft readies 5 'important' security updates
Microsoft Security Bulletin Advance Notification for September 2011
|My System Specs|
|Similar help and support threads for2: Patch Tuesday arrives early, apparently by mistake|
|Here we are again-Patch Tuesday||Windows Updates & Activation|
|Odd behaviour for this patch Tuesday (Oct.-09-12)||Windows Updates & Activation|
|Patch Tuesday, Dec 13 2011||Security News|
|Patch Tuesday||Windows Updates & Activation|
|Patch Tuesday - 6/9/10||Windows Updates & Activation|
|Patch Tuesday is in effect...||Windows Updates & Activation|
|Next Patch Tuesday won't hit Windows 7||News|