Channel

MS Patch Tuesday to include trio of 'critical' fixes

You've been warned

Dan Goodin Thu 5 Jul 2007 // 23:24 UTC

Next week's Patch Tuesday will see Microsoft issue three updates that fix "critical" security vulnerabilities in Windows, Office and the .Net framework. The critical designation is Microsoft's most severe rating and usually applies to flaws that can allow a computer to be hijacked with little or no interaction on the part of the user.

All the critical vulnerabilities could lead to the remote execution of code, according to an advanced bulletin posted Thursday on Microsoft's website. The critical patches apply to Excel, Windows 2000 Service Pack 4 and the .Net framework, which is incorporated into most versions of Windows.

Two additional patches on tap for next week will fix "important" vulnerabilities in Office, Publisher and Windows XP Professional. A sixth patch will plug a "moderate" hole in Windows Vista.

Last month, Microsoft issued six patches, four of them for critical flaws.

The software maker has long been in the habit of releasing security updates on the second Tuesday of each month and issuing an advanced outline of the patches on the Thursday before. Starting last month, Microsoft began offering additional details so that IT administrations can better prepare for the fixes. ®

Similar topics

Broader topics

Bill Gates

Narrower topics

Corrections Send us news

Other stories you might like

Supreme Court urged to halt Texas content-no-moderation law

Ban on blocking viewpoint-based posts 'violates First Amendment'

Thomas Claburn in San Francisco Wed 18 May 2022 // 19:56 UTC

A coalition of advocacy groups on Tuesday asked the US Supreme Court to block Texas' social media law HB 20 after the US Fifth Circuit Court of Appeals last week lifted a preliminary injunction that had kept it from taking effect.
The Lone Star State law, which forbids large social media platforms from moderating content that's "lawful-but-awful," as advocacy group the Center for Democracy and Technology puts it, was approved last September by Governor Greg Abbott (R). It was immediately challenged in court and the judge hearing the case imposed a preliminary injunction, preventing the legislation from being enforced, on the basis that the trade groups opposing it – NetChoice and CCIA – were likely to prevail.
But that injunction was lifted on appeal. That case continues to be litigated, but thanks to the Fifth Circuit, HB 20 can be enforced even as its constitutionality remains in dispute.

Continue reading
How these crooks backdoor online shops and siphon victims' credit card info

FBI and co blow lid off latest PHP tampering scam

Jessica Lyons Hardcastle Wed 18 May 2022 // 18:47 UTC

The FBI and its friends have warned businesses of crooks scraping people's credit-card details from tampered payment pages on compromised websites.
It's an age-old problem: someone breaks into your online store and alters the code so that as your customers enter their info, copies of their data is siphoned to fraudsters to exploit. The Feds this week have detailed one such effort that reared its head lately.
As early as September 2020, we're told, miscreants compromised at least one American company's vulnerable website from three IP addresses: 80[.]249.207.19, 80[.]82.64.211 and 80[.]249.206.197. The intruders modified the web script TempOrders.php in an attempt to inject malicious code into the checkout.php page.

Continue reading
The new generation of CentOS replacements – plus the daddy of them all: RHEL 8.6

Rocky and Alma are here for those CentOS Linux users who are still smarting

Liam Proven in Prague Wed 18 May 2022 // 15:57 UTC

Red Hat Enterprise Linux 8.6, Alma Linux 8.6 and Rocky Linux 8.6 are all out now, for various platforms.
RHEL version 8.6 – codenamed "Ootpa" – arrived on May 11, and is the latest update to 2019's RHEL 8. RHEL point releases are relatively neat affairs compared to, say, Ubuntu's short-term support releases.
8.6 is a step up from last November's RHEL 8.5. It's still based on Fedora 28 and still uses the same kernel version. In this version, you get kernel 4.18-372, which has another six months' worth of bugfixes, security updates and so on.

Continue reading

Judge details Lynch's $700k signoff via iPhone text in full Autonomy judgement

Still no damages number, likely to be way less than $5 billion

Dan Robinson Wed 18 May 2022 // 15:12 UTC

When an accounts assistant asked Autonomy founder Mike Lynch to approve a $700,000 purchase order in December 2010, the British exec "wrote 'ok' from his iPhone."
"He asked no questions at all," wrote the High Court judge who found Lynch liable for fraud in the case brought against him by HPE.
The detail was included in Mr Justice Hildyard's substantial (1,600+ pages) judgement yesterday, which expanded on his earlier civil fraud claim ruling.

Continue reading
Microsoft revises software licensing, cloud policies amid EU regulator scrutiny

OVHcloud and Nextcloud lawsuits hit the spot as Windows giant admits to potential competition issues

Paul Kunert Wed 18 May 2022 // 14:48 UTC

Microsoft is offering a series of concessions over its software licensing policies to European cloud providers in a bid to address their accusations of anti-competitive tactics and cool any interest from local regulators.
OVHcloud, along with several other cloud services purveyors, including Nextcloud filed class-action lawsuits with the European Commission is calling for a level playing.
One bone of contention for some is licensing – for example, the higher fees to pay while running Windows in non-Microsoft Azure clouds.

Continue reading
Banks talk big cloud game but few have migrated over 30% of apps

Less than half said business leaders in their bank understood 'opportunities of cloud'

Dan Robinson Wed 18 May 2022 // 14:03 UTC

A report into cloud adoption in the international banking industry shows that despite a broad appetite for cloud services, only around a third of banks have migrated more than 30 percent of their applications.
The Future of Cloud in Banking report found the majority of retail and commercial banks aim to triple their use of cloud services by 2025, and migrate more client-facing applications and data. However, the usual concerns about security, a lack of cloud skills and a lack of understanding of cloud benefits are said to be holding back some adoption.
The report comes from Publicis Sapient, a digital transformation company, and was compiled in collaboration with Google Cloud. The state-of-play findings are based on a survey of 250 executives at retail and commercial banks conducted in September and October 2021 across the EMEA, North America, and APAC regions.

Continue reading

Your data's auctioned off up to 987 times a day, NGO reports

Irish Council on Civil Liberties said this is first time the scope of real-time bidding is being measured

Brandon Vigliarolo Wed 18 May 2022 // 13:35 UTC

The average American has their personal information shared in an online ad bidding war 747 times a day. For the average EU citizen, that number is 376 times a day. In one year, 178 trillion instances of the same bidding war happen online in the US and EU.
That's according to data shared by the Irish Council on Civil Liberties in a report detailing the extent of real-time bidding (RTB), the technology that drives almost all online advertising and which it said relies on sharing of personal information without user consent.
The RTB industry was worth more than $117 billion last year, the ICCL report said. As with all things in its study, those numbers only apply to the US and Europe, which means the actual value of the market is likely much higher.

Continue reading
Apple scraps 3-day return to office amid COVID-19 cases

2 days a week still compulsory but U-turn gives credence to worker concerns

Paul Kunert Wed 18 May 2022 // 13:00 UTC

Apple has postponed employees' scheduled return to the office for three days a week amid a jump in COVID-19 infections.
Staff at the world's most valuable company were due to up their time in the office from next week, May 23, with Mondays, Tuesday, and Thursdays set as the fixed days each week.
Yet due to the pandemic, Apple confirmed to its workforce that it is delaying the edict for the "time being" with no new date cited, according to a memo seen by Bloomberg.

Continue reading
HPE building its 4th global 'supercomputer factory'

Facility supports a flurry of HPC development, centered in the Czech Republic

Tobias Mann Wed 18 May 2022 // 12:00 UTC

Hewlett Packard Enterprise (HPE) expanded its European footprint this week as it revealed plans for a new manufacturing facility in the Czech Republic, dedicated to building high-performance compute (HPC) systems.
The new facility, located in Kutná Hora, adjacent to HPE's existing server and storage manufacturing plant and about 90km outside Prague, will be built in collaboration with Foxconn.
HPE sees the investment as an opportunity to address ongoing supply chain challenges in the region. "We are now able to manufacture the industry's leading supercomputing, HPC, and AI systems, while increasing supply chain viability and resiliency," Justin Hotard, EVP and GM of HPC and AI at HPE, said in a statement.

Continue reading
China's vice premier Liu He advocates technology and government cooperation

After years of crackdowns, Beijing changing its tune on the industry

Laura Dobberstein Wed 18 May 2022 // 11:36 UTC

The vice premier of China and Xi Jinping's economic right hand man, Liu He, has offered a rare show of support to China's tech industry – both domestic and abroad.
According to state-sponsored media, Liu told around 100 members of the Chinese People's Political Consultative Congress (CPPCC) it is important to have a good relationship between the government and tech, and to research and support specific measures that grow the platform economy.
"It is necessary to wage a successful battle for the strategic ground of critical core technologies," Liu said, according to Xinhua news agency.

Continue reading
Marvell CXL roadmap goes all-in on composable infrastructure

Chip biz bets interconnect tech will cement its cloud claim, one day

Tobias Mann Wed 18 May 2022 // 10:28 UTC

Fresh off the heels of Marvell Technology's Tanzanite acquisition, executives speaking at a JP Morgan event this week offered a glimpse at its compute express link (CXL) roadmap.
"This is the next growth factor, not only for Marvell storage, but Marvell as a whole," Dan Christman, EVP of Marvell's storage products group, said.
Introduced in early 2019, CXL is an open interface that piggybacks on PCIe to provide a common, cache-coherent means of connecting CPUs, memory, accelerators, and other peripherals. The technology is seen by many, including Marvell, as the holy grail of composable infrastructure, as it enables memory to be disaggregated from the processor.

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs