[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
http://www.computerworld.com/s/article/9222639/Microsoft_scratches_BEAST_patch_at_last_minute_but_fixes_Duqu_bug
By Gregg Keizer
Computerworld
December 13, 2011
Microsoft today issued 13 security updates, one less than expected, that
patched 19 vulnerabilities in Windows, Internet Explorer (IE), Office, and
Windows Media Player.
The company punted on one bulletin it had planned to deliver today after SAP
told it that the patch broke some of its software.
"The bulletin scheduled to address Security Advisory 2588513 was postponed due
to a third-party application compatibility issue that will be addressed by the
vendor, with whom we're working directly," Jerry Bryant, group manager in
Microsoft's Trustworthy Computing team, said in a statement.
The scrubbed security update was to fix the SSL (secure socket layer) 3.0 and
TLS (transport layer security) 1.0 bug demonstrated in September 2011 by
researchers who crafted a hacking tool dubbed BEAST, for "Browser Exploit
Against SSL/TLS."
[...]
_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn