Channel

Duqu vuln fix stars in bumper Patch Tuesday

Microsoft's Xmas gift to sysadmins: 14 security updates

John Leyden Fri 9 Dec 2011 // 11:31 UTC

Microsoft plans to deliver a festive hamper of 14 security updates next week, three of which are designed to tackle critical remote code execution flaws.

The critical updates plug serious holes in Windows XP, Vista, and (to a lesser extent) Windows 7. On the server side, both Windows 2003 and Windows 2008 are vulnerable, but only one vulnerability applicable is applicable to Windows 2008.

The final Patch Tuesday of 2011 is most notable for including a fix for the Windows vulnerability exploited by the Duqu (sibling of Stuxnet) worm. Five of the less severe yet "important" bulletins affect various versions of Office. The patch batch is also set to include security patches for Internet Explorer and Windows Media Player.

Although unveiling a fully laden hamper just before the holiday season is far from ideal, sysadmins can take heart from the fact that the percentage of Microsoft's patches addressing critical vulnerabilities has fallen from 70 per cent of security patches in 2006 to just 30 per cent this year, according to vulnerability management firm Lumension.

Microsoft's pre-alert notice is here. Additional commentary on the upcoming releases can be found from vulnerability scanning firm Qualys here. ®

Similar topics

Broader topics

Narrower topics

Corrections Send us news

Other stories you might like

US recovers a record $15m from the 3ve ad-fraud crew

Swiss banks cough up around half of the proceeds of crime

Jessica Lyons Hardcastle Thu 19 May 2022 // 20:30 UTC

The US government has recovered over $15 million in proceeds from the 3ve digital advertising fraud operation that cost businesses more than $29 million for ads that were never viewed.
"This forfeiture is the largest international cybercrime recovery in the history of the Eastern District of New York," US Attorney Breon Peace said in a statement.
The action, Peace added, "sends a powerful message to those involved in cyber fraud that there are no boundaries to prosecuting these bad actors and locating their ill-gotten assets wherever they are in the world."

Continue reading
Lawmakers launch bill to break up tech giants' ad dominance

Running ad auctions while also buying and selling ads may be outlawed for large firms

Thomas Claburn in San Francisco Thu 19 May 2022 // 19:37 UTC

A bipartisan group of US lawmakers has proposed legislation that would likely force Alphabet's Google, Meta's Facebook, and Amazon to divest portions of their ad businesses.
The bill, called the Competition and Transparency in Digital Advertising Act (CTDA), was introduced on Thursday by Senator Mike Lee (R-UT), with the participation of Senators Amy Klobuchar (D-MN), Ted Cruz (R-TX), and Richard Blumenthal (D-CT).
The bill would prevent large ad companies from participating on different sides of the ad transaction chain. Large ad firms could operate supply-side brokers selling publisher ad space, demand-side brokers selling ads, or ad exchanges connecting buyers and sellers – but not more than one of these.

Continue reading
America bucks global smartphone decline with help from Apple

Cupertino's 51% control is why NA market grew while the world shrunk, says Canalys

Brandon Vigliarolo Thu 19 May 2022 // 19:05 UTC

Smartphone markets the world over are in decline, but that news doesn't appear to have reached North America, where the market grew by 4 percent in the first quarter of 2022.
Tech market analytics firm Canalys reported that smartphone manufacturers shipped a total of 39m units in North America in Q1 2022, and most of it was driven by Apple, which saw 19 percent growth in Q1 to reach 51 percent of the smartphone market in the US, Canada and Mexico.
Apple may lead the quarter in terms of shipments and market share, but Google was the growth leader: It added 380 percent to its North American market share from Q1 2021 to Q1 2022. Still, that only brought it to 3 percent of the market, putting it in fifth place.

Continue reading

Export bans prompt Russia to use Chinese x86 CPU replacement

With few options, Russia will look to half-fast chips from Chinese maker

Dylan Martin Thu 19 May 2022 // 18:30 UTC

With Russia cut off from foreign processor makers Intel and AMD, the country has been scrambling to switch to more local CPUs and components.
Russia's latest step in securing supply chains for new computers comes in the form of a newly released desktop motherboard designed to support x86-compatible CPUs made by Chinese chip designer Zhaoxin, which is a joint venture between Taiwan's Via Technologies and the Shanghai municipal government.
The new motherboard, called MBX-Z60A, is made by electronics manufacturer Dannie, which has headquarters in Russia and China, according to a machine translation of an article published last week by Russian-language news aggregator Habr.

Continue reading
Acer's TravelMate laptops arrive – complete with Microsoft Pluton chips

MS's TPM tip finally gets a grip – but shh – don't mention the Chromebooks

Richard Speed Thu 19 May 2022 // 17:14 UTC

You can imagine the sighs of relief all round in Redmond, Washington this week as Acer launched its new TravelMate range, which has Microsoft's Pluton silicon built-in.

Continue reading
Ryzen shines with remote management on Qualcomm Wi-Fi kit

Working to compete with Intel as FastConnect comes to AMD-processor-powered PCs

Dan Robinson Thu 19 May 2022 // 16:00 UTC

AMD and Qualcomm have rolled out a joint effort that brings remote management capabilities over Wi-Fi for AMD business systems, potentially boosting their appeal for corporate IT departments.
The two companies said they were working together to improve Qualcomm's FastConnect wireless kit for AMD compute platforms based on the Ryzen chips for desktops and laptops. The starting point for this is AMD Ryzen-powered business laptops using Qualcomm's FastConnect 6900 system that delivers Wi-Fi 6 and 6E plus Bluetooth 5.3, supporting Wi-Fi connection speeds up to 3.6Gbps.
Remote management is enabled by the combination of the AMD Manageability Processor now embedded in Ryzen PRO 6000 systems and the FastConnect 6900 system, AMD and Qualcomm said, with support for the DASH client management standard developed by the Distributed Management Task Force (DMTF).

Continue reading

Fastly buys dev platform and web IDE Glitch

CDN biz hopes merger will add a new way to use its edge services

Brandon Vigliarolo Thu 19 May 2022 // 15:43 UTC

Updated Content delivery network Fastly is purchasing Glitch, the company behind the web-based IDE of the same name.
Glitch is a full-stack platform that officially supports JavaScript, but allows coding in CSS, HTML, and other languages as well. It's designed to operate much like other cloud platforms and is able to run full-stack apps on demand, with Glitch handling all of the hardware and devs allowed to focus on coding.
By being absorbed into Fastly, Glitch vowed that the service will remain unchanged for users. "You're good, we got you. Nothing changes about your apps or your Glitch account," the company said in its announcement. It also said no employees would be lost in the merger.

Continue reading
Start your engines: Windows 11 ready for broad deployment

If you're on Windows 10, and meet requirements, it's ready to rumble... and 22H2 is waiting in the wings

Richard Speed Thu 19 May 2022 // 15:00 UTC

Microsoft has quietly updated its release health dashboard and declared Windows 11 "designated for broad deployment."
Adoption of Microsoft's latest OS stalled in recent months as enthusiasts that could upgrade did, and those who didn't meet Microsoft's draconian list of hardware requirements mostly remained on Windows 10.
A wave of enterprise upgrades is yet to materialize, with many organisations opting to stick with what they know, although the designation of being "broad deployment" ready will make it easier to add the upgrade to the corporate roadmap.

Continue reading
Corporate investments are a massive hidden source of carbon emissions

Just because companies are publicly decreasing carbon footprints doesn't mean their cash isn't doing the opposite

Dan Robinson Thu 19 May 2022 // 14:30 UTC

Many large corporations are taking measures to reduce their carbon footprints, but a new report claims that for some, the greatest source of emissions is actually from investments being made with their wealth, and this is undermining their own environmental efforts.
The Carbon Bankroll report highlights the documented carbon dioxide emissions of a number of large corporations and contrasts these with pollutants being generated as a result of the cash and investments held by those companies, comprising cash, cash equivalents, and marketable securities.
In some instances, this figure is greater than the emissions generated by their own business, demonstrating, in the words of the report, that "climate accomplishments are being undermined by a misaligned financial system that is channeling hundreds of billions of corporate US dollars into the carbon-intensive sectors driving the climate crisis."

Continue reading
Iran, China-linked gangs join Putin's disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg

Jessica Lyons Hardcastle Thu 19 May 2022 // 14:00 UTC

Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives – according to threat-intel experts at Mandiant.
Additionally, Iranian cyber-campaigns are using Russia's invasion of its neighbor to take aim at Saudi Arabia and Israel, the researchers found.
In a new report published today, Mandiant's Alden Wahlstrom, Alice Revelli, Sam Riddell, David Mainor and Ryan Serabian analyze several information operations that the team has observed in its response to the conflict in Ukraine. It also attributes these campaigns to actors that the threat researchers say are operating in support of nation-states including Russia, Belarus, China and Iran.

Continue reading
Bing! Microsoft tests search box in the middle of Windows 11 desktop

Attempt to be interactive meets cries of 'Someone dumped a text box right in the center of my desktop!'

Richard Speed Thu 19 May 2022 // 13:30 UTC

Microsoft has rolled out an Insider Build threatening "interactive content on the Windows desktop."
The update arrived in build 25120 on the Windows Insider Dev Channel in the form of a search box on the desktop. Tap in a query, select from the drop-down list of (Bing-powered) results and a browser fires up with the requested content.
It's a slightly odd little feature. Windows already has a built-in system search lurking in the Start Menu and not all users are going to be pleased about having a web search box plastered over their desktop of choice. Thankfully, it is possible to turn off the text box, and not all Insiders will get access to the new functionality while Microsoft plays with the concept.

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs