After being battered by a record Patch Tuesday last month, January may come as a relief to system administrators everywhere. This month’s patch cycle includes two bulletins—one rated “important,” only covering Windows Vista; the other rated “critical,” covering all currently supported Windows versions.
What’s noticeable is what is not being patched. Two zero-day vulnerabilities are known to be present in Windows though neither was patched today. First is a vulnerability in Internet Explorer (IE) that we talked about in late December that has already been used in the wild. The second flaw in the Graphics Rendering Engine, on the other hand, has not been exploited to date.
As we previously mentioned when the IE vulnerability was discovered, our free add-on Browser Guard already offers protection by preventing browser exploits and analyzing in-browser scripts for malicious characteristics and behaviors. Until an official patch is issued, users should consider using Browser Guard as their way of mitigating a potential threat.
For enterprise users, we offer specific solutions to deal with vulnerabilities. Both Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in have rules that protect users not just against the vulnerabilities patched today but also against both unpatched vulnerabilities. A rule covering the IE vulnerability has been made available since late December while coverage for the Graphics Rendering Engine was part of a regular update.
Post from: TrendLabs | Malware Blog – by Trend Micro
January Patch Tuesday Fixes Three Vulnerabilities
Full story: TrendLabs | Malware Blog – by Trend Micro
Related Posts
- Largest-Ever Patch Tuesday Fixes 49 Vulnerabilities
Microsoft fixed a record number of vulnerabilities in its October Patch Tuesday. The company issued 16 bulletins to patch 49 separate vulnerabilities. All versions of Windows from Windows XP up to th... - 64 Vulnerabilities Fixed by April Patch Tuesday
Compared with last month’s three security bulletins, Microsoft released a record-breaking 17 security bulletins to address 64 publicly disclosed vulnerabilities. This month’s release inclu... - February Patch Tuesday: three 0-days fixed
After a quiet January Patch Tuesday, Microsoft will be issuing 12 updates fixing 22 vulnerabilities for February's Patch Tuesday. These patches will update Windows, Internet Exp... - Just two bulletins for January Patch Tuesday
After last month's bumper crop of bulletins, January's Patch Tuesday looks like it will be a more downbeat affair. There are just two bulletins fixing a total of three vulnerab... - Microsoft Patch Tuesday – January 2011
Hello and welcome to this month’s blog on the Microsoft patch release. This is quiet month —the vendor is releasing two bulletins covering a total of three vulnerabilities. One of the iss... - November 2010 Patch Tuesday: three bulletins
According to the Microsoft Security Response Center, Microsoft will issue three Security Bulletins addressing 11 vulnerabilities on Tuesday, November 9. It will also host a webc... - September Patch Tuesday Resolves 11 Vulnerabilities
Patch Tuesday has arrived, bringing with it the monthly crop of Microsoft security patches. September has a total of nine bulletins, fixing a total of 11 vulnerabilities, all but one of which affects... - Microsoft and Adobe Release Fixes in May Patch Tuesday
Microsoft released two critical security advisories as part of its May Patch Tuesday. In addition to the advanced notification it released last Thursday, Microsoft has addressed the vulnerabilities wi... - Many Updates on Patch Tuesday
Just as announced Friday last week, Microsoft released 17 security bulletins and according updates, fixing overall more than 60 security vulnerabilities in Windows, Internet Explorer, Office and the D... - April 2011 Patch Tuesday
Once again, this day of every month is the scheduled release of updates from Microsoft. April 2011 Patch Tuesday from Microsoft contains 17 security bulletins (covering 64 vulnerabilities) 9 of the is...
Posted on 15 January 2011. Tags: Fixes, January, Patch, Three, Tuesday, Vulnerabilities
