News

First Patch Tuesday of 2008 Expected To Be Light

IT pros still recovering from the holidays can take heart: Microsoft's first Patch Tuesday of 2008 is a light one, a welcome respite following December's Vista-heavy security bulletin rollout.

There are only two patches for January: one "Critical," one "Important."

The lone critical patch fixes vulnerabilities to remote code execution exploits. The issue affects Microsoft Windows 2000 Service Pack 4, Windows XP, Windows Server 2003 and all versions of Vista, which security experts believe will be patched a lot this year.

The important patch deals with local or client-side elevation of privilege. This type of attack can give the hacker control of the whole processing environment as a "superuser." Windows 2000 SP 4, XP and Windows 2003 are affected by this bulletin.

Both updates will require a restart; administrators can run Baseline Security Analyzer to detect whether workstations require these updates.

Redmond also plans to release five nonsecurity updates on Microsoft Update and Windows Server Update Services as well as two nonsecurity, high-priority updates for Windows and Windows Update Server Update Services. The latest version of the Malicious Software Removal Tool will be available as well.

This isn't the final word on Tuesday's release as the patch count as well as purpose of each patch could change, but a smaller release such as this should leave time for IT pros to tie up any loose ends from 2007. More information is available on the Tech Net Web site.

About the Author

Jabulani Leffall is a business consultant and an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others. He consulted for Deloitte & Touche LLP and was a business and world affairs commentator on ABC and CNN.