Microsoft has patched more critical vulnerabilities than 2004 and 2005 combined
Tuesday November 30, 1999 at 12:00 am CST
Posted by Monty Ijzerman
Today Microsoft patched 23 vulnerabilities of which 15 are rated critical. One of the critical vulnerabilities, (MS06-040) Service Server vulnerability, can be remotely exploited by an anonymous user on all Windows operating systems and has been labeled a worm candidate.
The update of our graphs of last month is found below. The top graph shows that this year Microsoft has already addressed more critical vulnerabilities than in 2004 and 2005 combined. The bottom graph shows that the number of important vulnerabilities has not changed.
This month 11 patched vulnerabilities were already public or were already exploited in-the-wild prior to today's announcements. Among them is the vulnerability in Powerpoint that was exploited in targeted attacks in mid-July.
No need to remind you to review your deployments now!
October 31st, 2006 at 10:07
[...] The update of our graphs of last month is found below. The graphs show that September is usually a month with a few or no patches. [...]
October 31st, 2006 at 12:22
[...] Trackback When Microsoft released the monthly security bulletins on August 8, we blogged that the Windows Server Service vulnerability (MS06-040) was a worm candidate. Exploit code was released to the Internet community on August 10, and the first IRC bots to exploit this vulnerability were discovered in the wild on August 12, all in 4 days. [...]
November 19th, 2006 at 21:18
[...] Computer Security Research – McAfee Avert Labs Blog “Microsoft has patched more critical vulnerabilities than 2004 and 2005 combined” (tags: windows security microsoft) [...]
March 7th, 2009 at 16:55
[...] Computer Security Research – McAfee Avert Labs Blog “Microsoft has patched more critical vulnerabilities than 2004 and 2005 combined” (tags: windows security microsoft) Tagged as autopost + Categorized as twitter [...]