IT Career JumpStart

Nov 9 2011   4:11PM GMT

Here’s a HOT one: MS11-083 addressed in November Updates

Ed Tittel Ed Tittel Profile: Ed Tittel

Check out this flaming headline from Ryan Naraine on his “Zero Day” blog over at ZDNet (he’s long been one of my favorite Windows security mavens and like my other favorite, Lenny Zeltser, pretty much always tells it like it is):

Scary stuff demands immediate sysadmin attention

Scary stuff demands immediate sysadmin attention

Further investigation of the latest Microsoft Secuirty Bulletin Summary for November 2011¬†associates this vulnerability with ID MS11-083 and its associated Knowledge Base article KB2588516. When MS urges treating something with utmost priority that’s as close to “damn the torpedos, full speed ahead with deployment” as they ever come in their instructions and advice. It’s definitely time to put this one on the testing and deployment schedule, and perhaps even to invoke the emergency weekend update clause for your enterprise (or however you rush urgent patches out into the field).

The other November patches for this month (there are 4 in all) deal with Windows Mail and Windows Meeting Space (MS11-085, Important rating, Remote Code Execution vulnerability), Active Directory (MS11-086, Important rating, Elevation of Privilege vulnerability), and Windows Kernel-Mode Drivers (MS11-084, Moderate rating, Denial of Service vulnerability). Oh, and there’s the usual beginning-of-month update to the Malicious Software Removal Tool out in this latest batch of Windows Update materials as well.

But the MS11-083 item is a real humdinger that demands immediate attention. Better scramble the jets and let management know you’ll be working this weekend (or whenever you can push this puppy into production).

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: