Microsoft Mulls a Patch for The Patch

Tuesday, October 21, 2014 @ 04:10 PM gHale


It is unfortunate when a company has to issue a patch, but it is doubly unfortunate when it has to send out another patch to fix the original patch. Microsoft knows just how that feels, again.

The patch that wanted to add “SHA-2 Hashing” to Windows 7 and Windows Server 2008 R2 has instead raised some concerns among Microsoft’s users, officials said.

RELATED STORIES
Patch Tuesday Fixes 3 Zero Days
Chrome 38 Fixes 159 Security Bugs
Patch Tuesday: IE Zero Day Fixed
Chrome Update Brings 50 Security Fixes

The company is therefore “investigating behavior associated with this update” and recommends those who implemented the patch and found things have had problems to uninstall the software.

Microsoft’s reputation for reliable repairs is taking a battering at present, as recalls ended up required for patches issued in September and August.

The last Patch Tuesday fixed a plethora of issues, but most importantly Microsoft patched three Zero Days.

Issued as part of its October edition of Patch Tuesday, the updates address vulnerabilities found in all currently supported versions of Windows, Internet Explorer, Office and the .Net framework. Three of the bulletins are critical, meaning Microsoft recommends systems administrators apply the patches immediately.

Security researcher FireEye identified two of three Zero Day bugs used as “part of limited, targeted attacks against some major corporations.”

Another Zero Day flaw addressed by the update is a privilege escalation vulnerability that “could lead to full access to the affected system,” Microsoft said in its bulletin.



Leave a Reply

You must be logged in to post a comment.