Mystery of the month, say experts, is what Microsoft means by ‘security feature bypass’ update
Computerworld – Microsoft today said it would deliver seven security updates next week — tying the record for January — to patch eight vulnerabilities in Windows and its developer tools.
But the company declined to confirm that the Jan. 10 slate will include a patch pulled at the last minute a month ago.
One of the seven updates was tagged “critical,” the highest threat ranking in Microsoft’s four-step system, while the others were marked “important,” the second-highest rating, even though some of them could conceivably be exploited by attackers to plant malware on users’ PCs.
Altogether, three of the updates were labeled as “remote code execution,” meaning they could be used to hijack an unpatched system, Microsoft said in its monthly advance notification.
A twist to this month’s Patch Tuesday is Microsoft’s classification of one of the updates as “security feature bypass,” a label it’s never before applied.
“[Security feature bypass]-class issues in themselves can’t be leveraged by an attacker,” said Angela Gunn, a spokeswoman for the Microsoft Security Response Center, in a post to that group’s blog today. “Rather, a would-be attacker would use them to facilitate use of another exploit.”
Andrew Storms, director of security operations at nCircle Security, took a shot at deciphering the new category.