There will be total 3 Bulletins (2 Important and 1 Critical) in this month’s Microsoft Patch Tuesday release (March’11). Users and Administrators will have a relatively easy patch-week this month, thanks to Microsoft’s tiny patch release as compared to February, where there were tons of patches from Microsoft as well as Oracle.
As per the advanced notification from Microsoft, total 4 vulnerabilities will be covered this month that include fixes for Windows operating systems as well as for Microsoft Office Groove. All the vulnerabilities can likely result in remote code execution. The critical bulletin affects Windows XP SP3, Windows Vista and Win 7 systems.
Though Microsoft had confirmed the Browser Protocol Zero-day Vulnerability in mid-February, it is not clear if it is going to ship a patch in this month’s release or in OOB (Out-of-Band) patch release. Microsoft, on previous occasions, has been known to release unscheduled patches when there were increased reports of 0-days being exploited in the wild. The vulnerability nevertheless affects Domain Controllers (DC) in major; the chances of remote code execution (though difficult) are possible. So, if you are a Nevis customer, please make sure that your IPS signatures are up-to-date. This will ensure that your network is well protected from this vulnerability.
A good NAC solution can help a lot when it comes down to patch compliance in your organization as it can ensure that your endpoints have the required patches before they connect to the enterprise network. So, if you are not a Nevis customer yet, please get in touch with our sales team (firstname.lastname@example.org) for a NAC demo, today!