Patch Tuesday: no Windows or IE patches this month

Microsoft releases a wave of patches for various pieces of software including Windows, Office and Mac to keep the latest exploits and vulnerabilities at bay. These patches come on the second Tuesday of every month, and is named Patch Tuesday.

This months Patch Tuesday brings three bulletins, addressing 11 vulnerabilities in Microsoft Office and Microsoft Forefront Unified Access Gateway. Out of the three bulletins, one is labeled as critical, Microsoft's highest security warning, and the other is labeled as important. No patches for Windows were announced this month.

The patches will fix vulnerabilities in the following software:

  • Microsoft Office XP SP3
  • Microsoft Office 2003 SP3
  • Microsoft Office 2007 SP2
  • Microsoft Office 2010 (32-bit & 64-bit)
  • Microsoft Office for Mac 2011
  • Microsoft PowerPoint Viewer
  • Microsoft Forefront Unified Access Gateway 2011 (including Update 1 & 2)

Microsoft Office for Mac 2011 went on sale just last week, and already there is a vulnerability discovered in it. However, this vulnerability is the same bug found in the Windows-based Office editions.

This is the first patch Tuesday in a year that Microsoft hasn't had any updates for Windows. The recently discovered Internet Explorer vulnerability will go unpatched this month. The bug affects Internet Explorer 6, 7 and 8, but does not affect the recently released Internet Explorer 9 beta.

Report a problem with article
Previous Story

Review: Skyfire browser; flash on your iOS device

Next Story

Google targets Facebook Contact info

50 Comments

Commenting is disabled on this article.

Panda X said,
I'm pretty sure Patch Tuesday is the SECOND Tuesday of the month.

This is an advance notification of security bulletins that Microsoft is intending to release on November 9, 2010.

rfirth said,

This is an advance notification of security bulletins that Microsoft is intending to release on November 9, 2010.

Oh I see. I scrolled right past that. Just the wording made it sound like it had already happened.

Mike Chipshop said,
Lol... no updates is news?

It is when its Windows, any OS that can go through its normal update cycle without the need for patches is news. Its the nature of the OS to need to update to changes around it.

Mike Chipshop said,
Lol... no updates is news?

you obviously didn't read the article; there ARE updates but none apply to Windows or IE >.>

Uh....didn't they just announce there was a zeroday attack using a flaw in IE? They should try to get that fix

Rudy said,
Uh....didn't they just announce there was a zeroday attack using a flaw in IE? They should try to get that fix

Did you read the article?

Rudy said,
Uh....didn't they just announce there was a zeroday attack using a flaw in IE? They should try to get that fix

Anyone who uses IE should really be on Beta1 of IE9.

aftas said,

Did you read the article?
Yes I did and saying:
The recently discovered Internet Explorer vulnerability will go unpatched this month.
is not acceptable, they are leaving a LOT of people unprotected

well i hate to tell you this but the last time an independent body studied the secureness of windows vs mac guess who came out on top, Windows. The security landscape for windows has gotten better with each release.

Thank god, now us windows fanbois can rub it in mac users faces that our OS is more secure than theirs!

/sarcasm

Although seriously, this is quite impressive. Windows, Linux, and OS X usually always have something that needs to be patched, and MS is especially good at keeping up with their security (usually )

I have never once had that happen on any version of Windows. I always set it to notify about updates and never automatically download or install. I do it when I'm ready.

To be fair, after the mammoth hauls we've had in the last few months not to mention the OOB ones, I'm pretty glad. Will be an easier patch approval month for our enterprise

This isn't a sign that there is a lack of vulnerabilities in Windows. It is merely a sign that no patches have reached release quality yet.

Relativity_17 said,
This isn't a sign that there is a lack of vulnerabilities in Windows. It is merely a sign that no patches have reached release quality yet.
Microsoft issues, what are those things called, I honestly can't remember... Well, Microsoft puts on a website all issues they have been alerted of, maybe not massive details (and we can all tell why), but we would still know if there are more which have yet to be patched.

Relativity_17 said,
This isn't a sign that there is a lack of vulnerabilities in Windows. It is merely a sign that no patches have reached release quality yet.
You mean there's probably vulnerabilities in Windows' 50 million lines of code?? Get out of here! Why am I not surprised your avatar is a pengiun, making a statement like that. Yes, there are unknown vulns/ in Windows, Linux and Mac OS X. Can we move on to something worthwhile now?

J_R_G said,
You mean there's probably vulnerabilities in Windows' 50 million lines of code?? Get out of here! Why am I not surprised your avatar is a pengiun, making a statement like that. Yes, there are unknown vulns/ in Windows, Linux and Mac OS X. Can we move on to something worthwhile now?

Oh boy, here we go...

So you openly admit that Windows has bugs. That's great, but why does a statement, which re-enforces that fact, seem to bother you? I happen to think that people shouldn't be encouraged from taking this statement to mean better or worse than its plain face value - and yes, I am a bit disappointed that Windows hasn't continued to improve this month. Obviously, patching hundreds of millions if not billions of machines with different hardware and software loadouts is difficult.

And while we're at it, I would certainly like to hear why you associate my avatar with my previous statement. I was almost certain that I knew why I'm using this penguin avatar, but as you have so kindly pointed out, I seem to be mistaken. Please, obliviate my ignorance and explain!

Relativity_17 said,

Oh boy, here we go...

So you openly admit that Windows has bugs. That's great, but why does a statement, which re-enforces that fact, seem to bother you? I happen to think that people shouldn't be encouraged from taking this statement to mean better or worse than its plain face value - and yes, I am a bit disappointed that Windows hasn't continued to improve this month. Obviously, patching hundreds of millions if not billions of machines with different hardware and software loadouts is difficult.

And while we're at it, I would certainly like to hear why you associate my avatar with my previous statement. I was almost certain that I knew why I'm using this penguin avatar, but as you have so kindly pointed out, I seem to be mistaken. Please, obliviate my ignorance and explain!

Do you think i am going to stay up at night wondering if i got the meaning of your avatar correct? I made an educated guess, but i couldn't care less pal. I admit windows has bugs, like mac os x and linux and all oses, at least i don't try to act like only one os does, you're either ignorant or trolling, either way get a life and get over yourself - you're not that smart.

J_R_G said,
Do you think i am going to stay up at night wondering if i got the meaning of your avatar correct? I made an educated guess, but i couldn't care less pal. I admit windows has bugs, like mac os x and linux and all oses, at least i don't try to act like only one os does, you're either ignorant or trolling, either way get a life and get over yourself - you're not that smart.

Sorry, but your mindless accusations are absurd. First, how am I trolling? I've merely stated what people should get out of this story: the lack of updates by no means indicates that Windows is running out of vulnerabilities. I don't think people should see any reason to celebrate the lack of patches as marking some sort of achievement.

Then you came rushing in, foaming at the mouth, for some reason offended that I haven't busted out the champagne and toasted to Redmond for their...what? Lack of patches? Oh yes, and that stupid remark about my avatar; I assume you made the dumb assumption that I'm some sort of Linux fanboy, right? I forgive you, since you can't seem to find a way to back out gracefully and can only belligerently pretend that this discussion isn't worth your time.

Anyway, if it helps unbunch your proverbial panties, I've never liked Mac OS X due to its lack of functionality under its veneer of elegance (even the KP message is really quite nice), and hard as anyone has tried, Ubuntu continues to look like dirt. Honestly, the best parts of it are the command line and the wobbly windows. Anyway, it is nice that people have alternatives, and I hope the updates continue to roll out for all platforms out there.

Relativity_17 said,
This isn't a sign that there is a lack of vulnerabilities in Windows. It is merely a sign that no patches have reached release quality yet.

I agree - there's a difference. Also, simiarly, a company doesn't show a sign of weakness by having security fixes to release. To the contrary, it's more of a sign of worry if they never fix anything like that in a complex OS. Because there are bugs.

Relativity_17 said,
and yes, I am a bit disappointed that Windows hasn't continued to improve this month.
It has, but Patch Tuesday is only for critical security updates, not all hotfixes. Since 7 was released last year, there have been about 60 patches a month.

Relativity_17 said,

Sorry, but your mindless accusations are absurd. First, how am I trolling? I've merely stated what people should get out of this story: the lack of updates by no means indicates that Windows is running out of vulnerabilities. I don't think people should see any reason to celebrate the lack of patches as marking some sort of achievement.

Then you came rushing in, foaming at the mouth, for some reason offended that I haven't busted out the champagne and toasted to Redmond for their...what? Lack of patches? Oh yes, and that stupid remark about my avatar; I assume you made the dumb assumption that I'm some sort of Linux fanboy, right? I forgive you, since you can't seem to find a way to back out gracefully and can only belligerently pretend that this discussion isn't worth your time.

Anyway, if it helps unbunch your proverbial panties, I've never liked Mac OS X due to its lack of functionality under its veneer of elegance (even the KP message is really quite nice), and hard as anyone has tried, Ubuntu continues to look like dirt. Honestly, the best parts of it are the command line and the wobbly windows. Anyway, it is nice that people have alternatives, and I hope the updates continue to roll out for all platforms out there.

Like I said, thanks for pointing out there are bugs in Windows' 50 million lines of code, the rest of us ignoramuses would have never guessed. /s

But, for the most part, hackers are not finding them, nor exploiting them, that is what we 'celebrate' but I mean you knew that, right? You were just saying we are celebrating that Windows "has 0 bugs" just to be funny and cute, right?

Relativity_17 said,
This isn't a sign that there is a lack of vulnerabilities in Windows. It is merely a sign that no patches have reached release quality yet.

It is a sign of "slow news day"

Raa said,
No IE updates. That only strengthens arguements for it!
Good news indeed!

The recently discovered Internet Explorer vulnerability will go unpatched this month. The bug affects Internet Explorer 6, 7 and 8, but does not affect the recently released Internet Explorer 9 beta.

Raa said,
No IE updates. That only strengthens arguements for it!
Good news indeed!

Hey, it can wait a month! I'm sure it won't affect anyone.

Hopefully they'll manage to get a patch out sooner than a month. There's certainly no reason to wait a month "just because."