You are here

HomeBrandon Dimmel › Microsoft Patch Tuesday Fixes Windows, PowerPoint

Microsoft Patch Tuesday Fixes Windows, PowerPoint

Dennis Faas's picture
by Brandon Dimmel on May, 11 2011 at 08:05AM EDT

Microsoft unveiled a modest Patch Tuesday collection of fixes for its software products this month. However, at least a few of the patches address security holes that experts say could be easily exploited.

On Tuesday, Microsoft's series of May patches addressed just three bugs, only one of which is marked "critical," the company's highest security rating. The most serious patch is labeled MS11-035 and is intended to fix a vulnerability in the Windows Internet Name Service (WINS), a component in every edition of Windows Server.

Critical Update Not Automatically Deployed

The way in which Microsoft deployed MS11-035 has frustrated some security experts.

While security patch MS11-035 is labeled "critical", it was not installed by default. Security experts said such a dismissal is absurd, since most businesses and government organizations require the Windows Internet Name Service.

"Most organizations have to install WINS," noted Rapid7 enterprise security community manager, Marcus Carey. "With governments and big agencies -- any large network -- WINS is going to be running." (Source: computerworld.com)

As for the threat to WINS itself, the problem is substantial. According to reports, unlike most security holes a hacker wouldn't need to trick a user into clicking anything. Instead, they'd just have to find a vulnerable server and upload malicious data.

PowerPoint Targeted, but not PowerPoint 2010

Another flaw addressed by the Patch Tuesday release is an "important" issue in Microsoft PowerPoint, a program within the Office suite.

A bug in PowerPoint could allow hackers to take remote control of a machine if a user opens a specially designed and malicious PPT (PowerPoint) file. It's worth noting, however, that PowerPoint for Office 2010 is not affected. (Source: eweek.com)

In all, there were a very small number of fixes this month. Likely next month will see substantially more. PC users should "brace themselves for a larger update" next month, said one security expert.

Filed under:
Business
,
Microsoft
| Tags:
microsoft
,
patch
,
security
,
powerpoint
,
wins
Rate this article: 
No votes yet
Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.