Alex Wilhelm is a San Francisco-based writer. You can find Alex on Twitter, and on Facebook. You can reach Alex via email at [email protected] Alex Wilhelm is a San Francisco-based writer. You can find Alex on Twitter, and on Facebook. You can reach Alex via email at [email protected]
Today Microsoft announced and detailed the updates component to the latest edition of its monthly security update cycle, known colloquially as ‘Patch Tuesday.’ Unlike in recent months, this specific package of fixes contains no ‘critical’ updates, instead being made up of two merely described as being ‘important.’
Neither will require a restart. All is quiet on the Redmond front.
MS12-061 and MS12-062, the two bulletins, deal with ‘elevation of privilege,’ by which a user executes an action that they are tricked into doing, perhaps by a malicious website or, to quote Microsoft, a “specially crafted link in an email message.” The two bulletins deal with developer tools and Microsoft’s server software, respectively.
In other news, the ‘Microsoft Security Advisory (2661254)‘ which extends the required length of certificate keys is in the news. Security firm Qualys, in a post on the update, described the change in the following say:
The patch will change the Windows certificate system, and it will stop accepting certificates that are using RSA keys with fewer than 1024 bits because those keys are considered forgeable.
Even more so than usual, the updates this time ’round are niche. However, it never hurts to be informed as to what is out there in terms of risk. Stay up to date, and stay safe. If you need more on the updates, Microsoft’s full breakdown can be found here.
Top Image Credit: Nick Taylor
Get the TNW newsletter
Get the most important tech news in your inbox each week.