Today Microsoft announced and detailed the updates component to the latest edition of its monthly security update cycle, known colloquially as ‘Patch Tuesday.’ Unlike in recent months, this specific package of fixes contains no ‘critical’ updates, instead being made up of two merely described as being ‘important.’
Neither will require a restart. All is quiet on the Redmond front.
MS12-061 and MS12-062, the two bulletins, deal with ‘elevation of privilege,’ by which a user executes an action that they are tricked into doing, perhaps by a malicious website or, to quote Microsoft, a “specially crafted link in an email message.” The two bulletins deal with developer tools and Microsoft’s server software, respectively.
In other news, the ‘Microsoft Security Advisory (2661254)‘ which extends the required length of certificate keys is in the news. Security firm Qualys, in a post on the update, described the change in the following say:
The patch will change the Windows certificate system, and it will stop accepting certificates that are using RSA keys with fewer than 1024 bits because those keys are considered forgeable.
Even more so than usual, the updates this time ’round are niche. However, it never hurts to be informed as to what is out there in terms of risk. Stay up to date, and stay safe. If you need more on the updates, Microsoft’s full breakdown can be found here.
Top Image Credit: Nick Taylor
Pssst, hey you!
Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.