[Sunnet Alert] Advisory #210 - Microsoft Patch Tuesday
Security and IT News Alerts
alertmailinglist at skiifwrald.com
Sun Mar 11 08:05:37 EST 2007
Sûnnet Beskerming Alert List Advisory #210
You are receiving this message because you have subscribed to our
Information Security Alert Mailing List, or have been selected for a
specific one-off copy. If you believe that you are receiving this
message in error, please contact info at beskerming.com to resolve the
error.
Why not upgrade to get same day notification on security threats?
Details and rates available online -
(http://www.beskerming.com/premium/generic_advisory.html).
Why not go the next step and get delivery tailored just for your
company?
(http://www.beskerming.com/premium/focussed_advisory.html)
Contents
--------------------------------------------------------------------
1. SECURITY
--------------------------------------------------------------------
=======================================
/*
- Remote or Local - Can it be achieved through a network or does it
require physical access?
- Hacker - The bad guy
- Manual or Automatic - Does the vulnerability need to be manually
performed, or can it be automated?
- Control, Denial of Service or Data Theft - Will the hacker get
control of your system / website, will they prevent you from using
it, or will they steal data.
*/
--------------------------------------------------------------------
2. NEWS
--------------------------------------------------------------------
2.1 Microsoft Patch Tuesday
=======================================
1. SECURITY
=======================================
/*
Threat Matrix:
U - User
O - Operator
Harmless - 0 ----- 10 - Highly Critical
*/
=======================================
2. NEWS
2.1 Microsoft Patch Tuesday
Microsoft, through their Security Response Center, have provided
advance notification of their planned patch schedule for March. At
this stage, Microsoft does not intend to release any security patches
for March.
Administrators of Microsoft systems should be reminded that there are
several active '0-day' exploits targeting various Microsoft products
and systems, and Microsoft have been known to release patches that
differed from those pre-announced by the company. Of more immediate
concern to administrators will be the ongoing effort to implement the
many and varied patches to account for the Daylight Savings Time
changes in the United States that take effect from Sunday (though
Monday will be the real litmus test). Many reports have highlighted
the many practical difficulties encountered in getting disparate
systems and patch models working effectively together for the DST
change and it has been suggested that Microsoft's decision not to
release any patches for March may be influenced by the current chaos
(and the fact that major patches would have effective rollout dates
on subsequent days).
=======================================
Sincerely,
Sûnnet Beskerming Team
info at beskerming.com
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com
Tel: +61 (0) 410 707 444
** Sûnnet Beskerming Pty. Ltd. **
Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd..
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist
and, in conjunction with the tools developed by Jongsma & Jongsma
Pty. Ltd., provides total security solutions and services, from the
perimeter to internal data stores, including web application security
and security testing and analysis.
More information about the Alertmailinglist
mailing list