|03 Nov 2011||#1|
| || |
Patch Tuesday: Fix for 'Duqu' zero-day not likely this month
Microsoft has announced plans to ship fixes for at least four security holes in the Windows operating system as part of this month’s Patch Tuesday batch.
Three of the bulletins carry “remote code execution” risk while the fourth exposes Windows users to denial-of-service attacks.
The updates, which drop around 1:00PM Eastern on November 8, will affect all supported versions of Windows, including the newest Windows 7 and Windows Server 2008 R2.
Although Microsoft has confirmed a zero-day Windows kernel flaw was used in the mysterious Duqu malware attack, the company is not expected to ship a fix for this issue.
According to Symantec, the Duqu zero-day vulnerability was exploited via a rigged Word .doc and gave the hackers remote code execution once the file was opened.
Microsoft has not yet issued a security advisory to offer pre-patch mitigation guidance.
Microsoft Security Bulletin Advance Notification for November 2011
|My System Specs|
|Similar help and support threads for2: Patch Tuesday: Fix for 'Duqu' zero-day not likely this month|
|Here we are again-Patch Tuesday||Windows Updates & Activation|
|Patch Tuesday this month||Windows Updates & Activation|
|Odd behaviour for this patch Tuesday (Oct.-09-12)||Windows Updates & Activation|
|Patch Tuesday Aug 16 wiped me out||Windows Updates & Activation|
|Patch Tuesday||Windows Updates & Activation|
|Patch Tuesday - 6/9/10||Windows Updates & Activation|
|Microsoft planning quiet Patch Tuesday this month||Security News|