SIA Alert - Microsoft Patch Release - 7/13/10

Only five vulnerabilities this month were patched, a relief after the massive 34 patch release in June. Most of the updates were in Windows with two in Office. Please insure that your updates go through, as always.

Gregg Keizer of ComputerWorld summarized the release as follows:

Computerworld - Microsoft today patched five vulnerabilities in Windows and Office, including a bug hackers have been exploiting for almost a month.

As expected, today's patch slate was short: Just four security updates that included fixes for five separate flaws. Of the four updates, three were rated "critical," the highest threat ranking in Microsoft's four-step scoring system. All five of the specific vulnerabilities patched today were also rated critical.

Two of the bulletins affected Windows, while the remaining pair impacted Office. Four of the five vulnerabilities in the bulletin quartet were pegged by Microsoft with an exploitability index score of "1," meaning that the company expects attacks to materialize in the next 30 days.

The rest of Gregg's article can be found at: http://www.computerworld.com/s/article/9179133

Quotes of the Month:

"A pile of rocks ceases to be a rock when somebody contemplates it with the idea of a cathedral in mind." -- Antoine de Saint-Exupery

"A man only becomes wise when he begins to calculate the approximate depth of his ignorance." -- Gian Carlo Menotti

Tip of the Month:

I was surprised this weekend at a party to hear someone ask me why IT documentation was important. This, obviously, is a topic deserving more attention that I can go into here, but suffice it to say it is on the same level of importance in my mind as disaster recovery of your important data and critical systems.

For small clients with less than a half dozen systems, it simply might mean keeping a set of folders or drawer with all your important hardware and software manuals, warranty, contact information, component specifications. Also internet service provider (ISP) help and sales desk phone numbers, IP addresses, and all on-line application logins and passwords and related documentation they provided can save you or a tech a lot of wasted time when needed. Don't forget to keep lists of what and where your multiple backups are located (and do them!).

As installations get larger, in addition to the above, you need diagrams of your network complete with IP addresses and server and firewall setup information. Lists of users, servers, and workstations complete with pertinent setup and login information is mandatory.

When trying to decide what is important, think of what information would be most critical if you had to recover from the sudden loss of one or two of your most critical service providers or IT employees. Here it is important to think ahead and institute documentation policies and standards throughout the IT organization and review and reassess the status periodically. Employee and service provider contracts should also be handy and kept in a safe place for quick review.

Good documentation can save you lost productivity, provide piece-of-mind, and yes, legal expenses as many of you, I'm sure, can imagine. Have I forgotten anything?