August 23, 2014

No Critical priority vulnerabilities to be fixed by Microsoft for September’s Patch Tuesday

(LiveHacking.Com) – Microsoft has issued its advanced nofiticaton outlining the security bulletins that it will release for September’s Patch Tuesday. This month’s release will only contain two bulletins, both of which have the severity ratings of important. The bulletins affect Microsoft Visual Studio Team Foundation Server 2010 Service Pack 1, Microsoft Systems Management Server 2003 Service Pack 3 and Microsoft System Center Configuration Manager 2007 Service Pack 2. Both bulletins address elevation of privileges vulnerabilities.

Microsoft has also published a heads-up concerning the minimum key length of  Public Key Infrastructure (PKI) certificates. Microsoft is increasing the requirement for certificates used in PKI to an RSA key length minimum of 1024 bits. In June, Microsoft  announced the availability of an update to Windows (via the Download Center as well as the Microsoft Update Catalog) that restricts the use of certificates with RSA keys less than 1024 bits in length. Microsoft is now planning to release this update through Microsoft Update in October, 2012.

“By raising the bar of our certificate requirements, as part of our ongoing work to evaluate Microsoft’s security efforts and make improvements, we aim to help create a safer more trusted Internet for everyone,” wrote Angela Gunn on the Microsoft Security Response Center blog.

“We recommend that you evaluate your environments with the information provided in Security Advisory 2661254 and your organisation is aware of and prepared to resolve any known issues prior to October,” continued the post.

The release of September’s bulletins is scheduled for Tuesday, September 11, 2012.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks