Britt Gottlieb from Qualys just sent me a little analysis on Microsoft’s February security update, written up by CTO Wolfgang Kandek. Here’s his blog: http://laws.qualys.com/2011/02/patch-tuesday—preview-for-fe.htmlAnd here’s his assessment: Microsoft announced 12 bulletins today for February’s Patch Tuesday. Three of the bulletins are critical and include updates to address the recently disclosed flaws in Internet Explorer “css.css” – Microsoft Security Advisory 2488013 and Windows “thumbnail preview” – Microsoft Security Advisory 2490606. These vulnerabilities have seen limited exploits in the wild, so applying the update is highly recommended. In addition the lower rated flaw in the FTP service is addressed with an update to the IIS server. The remaining updates address flaws in Windows, Office and the development platform Visual Studio. All versions of Windows starting with Windows XP SP3 up to the latest versions Windows 7 and Windows Server 2008 R2. The Office bulletin, however is limited to a relatively small footprint: the Visio versions 2002, 2003 and 2007. The recent MHTML issue in Windows/Internet Explorer will not be addressed in this update. The workaround suggested by Microsoft in Advisory 2501696 continues to be the recommended way of mitigating this attack vector.And now you know.–Bill Brenner Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe