Three Security Fixes Expected on Patch Tuesday
- By Jabulani Leffall
- March 5, 2009
Microsoft plans to issue three fixes in its March security patch rollout, with one deemed "critical" and two labeled "important."
Spoofing vulnerabilities will be addressed in the two important security bulletins. Spoofing is the act of masking Internet Protocol addresses to impersonate a sender or another computer.
Remote code execution (RCE) exploits -- a repeat problem that Redmond has been patching over the last few years -- will be addressed in the critical item. The critical fix will patch every OS in Microsoft's currently supported repertoire: Windows 2000, XP and Vista, plus Windows Server 2003 and 2008.
Important fix No. 1 will cover the same operating systems as the critical fix. Microsoft's second important fix has a more limited scope, affecting Windows 2000 plus Windows Server 2003 and 2008.
All of the fixes will require a restart.
Microsoft is referring IT administrators this month to its update management portal to help plan and deploy the security fixes and updates. And, as it has done every month for a little less than a year, Redmond is offering the latest info on nonsecurity updates via a monthly knowledgebase article. The knowledgebase article provides details on the Windows Mail Junk E-mail filter and Microsoft's Malicious Software Removal Tool.
IT pros will no doubt be waiting to see which Windows components get addressed on Tuesday when the patch is actually released. However, Microsoft's preview is usually a good indication of what's to come.
Jabulani Leffall is a business consultant and an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others. He consulted for Deloitte & Touche LLP and was a business and world affairs commentator on ABC and CNN.