Information Security News mailing list archives
Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 14 Dec 2011 03:36:17 -0600 (CST)
http://www.computerworld.com/s/article/9222639/Microsoft_scratches_BEAST_patch_at_last_minute_but_fixes_Duqu_bug By Gregg Keizer Computerworld December 13, 2011Microsoft today issued 13 security updates, one less than expected, that patched 19 vulnerabilities in Windows, Internet Explorer (IE), Office, and Windows Media Player.
The company punted on one bulletin it had planned to deliver today after SAP told it that the patch broke some of its software.
"The bulletin scheduled to address Security Advisory 2588513 was postponed due to a third-party application compatibility issue that will be addressed by the vendor, with whom we're working directly," Jerry Bryant, group manager in Microsoft's Trustworthy Computing team, said in a statement.
The scrubbed security update was to fix the SSL (secure socket layer) 3.0 and TLS (transport layer security) 1.0 bug demonstrated in September 2011 by researchers who crafted a hacking tool dubbed BEAST, for "Browser Exploit Against SSL/TLS."
[...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isn
Current thread:
- Microsoft scratches BEAST patch at last minute, but fixes Duqu bug InfoSec News (Dec 14)