The case of the missing Microsoft security update


Missing patchAs pre-announced last week in Microsoft’s advance notification, there were supposed to be 14 security bulletins released in this month’s swathe of “Patch Tuesday” updates.

However, it seems only 13 made the grade, leaving many system administrators scratching their head as to whether they’re missing something.

MS13-067 through to MS13-079 were released, combatting a range of vulnerabilities ranked variously as “Critical”, “Important”, “High”, Medium” and “Low”, and dealing with software as diverse as Sharepoint, Outlook, Internet Explorer, Windows, Office, and FrontPage amongst others.

It seems that the missing bulletin failed to adequately pass testing, and has held back until it’s ready for future release.

That seems to me like a sensible move by Microsoft. After all, it were to issue buggy security updates (such as those that happened last month) they might cause more trouble for users than the problem they are trying to fix.

And, after all, Microsoft claims that the vulnerabilities dealt with by the missing security update are not being exploited by hackers at this time:

We are committed to delivering high-quality security updates for our customers and extensively test each bulletin prior to release. During some additional testing after advance notification, we determined one of the updates was not quite ready. We have not detected any attacks against this issue, or any of the others addressed today, and we’ll continue to work on the bulletin and release it once it is ready, through our regular bulletin release process.

My advice? Go and grab yourself Microsoft’s latest Patch Tuesday updates, and cross your fingers that they are able to iron out the remaining problems in the missing update as soon as possible.

Oh, and while you’re at it, make sure that you are also aware of the critical patches that Adobe released on Tuesday - protecting against flaws in Adobe Reader and Flash.

PS. Meanwhile I read that a non-security update for Outlook 2013 is causing problems for some users today.

Tags: , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , ,

One Response

  1. sky

    September 11, 2013 at 7:23 pm #

    Microsoft needs to test windows patch intensively. Office 2007 patches trapped in installation loop ( )

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.