WebProNews

Microsoft readies patches for May

Microsoft's monthly patch release schedule includes a Critical fix for an issue in their Office program, Word, and two other fixes rated the same.

The day known as Patch Tuesday rides again on May 13th, when Microsoft issues whatever current patches they have ready to address flaws in the components of their widely used operating system and other programs.

An Advance Bulletin for this month's edition cited three upcoming Critical fixes to be released next Tuesday. Along with Word, Microsoft Publisher, and the Jet database engine receiving Critical updates, Microsoft's various security programs have a Moderate-rated flaw that could result in a denial of service condition.

Critical flaws pose the most headaches for system administrators. If exploited, this class of vulnerabilities could leave a system open to remote code execution. Since such code execution likely would be malicious, admins tend to want these holes closed as fast as possible.

It's even more important today to apply patches as quickly as possible after they have been released. Criminals see the same bulletins and some try to create exploits against those flaws, in the hopes of hitting a vulnerable system before it has a patch applied to closed the hole.

The time frame for exploit creation gets smaller and smaller. With profit being a huge motivation for co-opting a system, to possibly steal valuable login credentials to various websites, the existing patch model used by Microsoft and other software companies may need to change to ensure the security of their products and their customers.