Microsoft Patch Tuesday: April 2007

April was unique for Microsoft because it consisted of two Microsoft Tuesdays. Last week, we saw the release of patches for the .ANI zero day vulnerability. This patch was consistent with Microsoft’s policy of releasing out of band security patches (in other words, patches on days other than patch Tuesday) for vulnerabilities that are experiencing widespread exploitation in the wild. From my experience, if the issue is significant enough to merit third-party patches from Determina, ZERT, etc., then in all likelihood Microsoft will do an out-of-band security patch release for the vulnerability.

Today Microsoft released an additional five security bulletins. Four of the bulletins affect Microsoft Windows and the one affects Microsoft Content Management Server. Symantec Security Response Weblog: Microsoft Patch Tuesday: April 2007

Linked by shanmuga Friday, 13th April 2007 12:57AM