Wolfang Kandek, CTO de Qualys commente Patch Tuesday sur son blog http://laws.qualys.com/.
Au programme, 11 vulnérabilités Microsoft, dont une critique dans Microsoft Office :
Microsoft Advance Notification for November’s Patch Tuesday lists only 3 updates addressing a total of 11 vulnerabilities. The products affected are Microsoft Office and Microsoft’s Forefront Unified Access Gateway. One of the Microsoft Office vulnerabilities is rated « Critical » and affects all version of Office including Office 2010.
A « Critical » rating on an Office program is fairly rare, most vulnerabilities on the Office suite are categorized as « Important » because they typically require user interaction to get a successful exploitation. « Critical » here indicates a vulnerability that can be used to take control of the target machine without user interaction, such as MS10-064, where visualizing an e-mail in Outlook’s preview pane was sufficient to trigger the flaw.
As the CTO for Qualys, Wolfgang is responsible for product direction and all operational aspects of the QualysGuard platform and its infrastructure. Wolfgang has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Prior to joining Qualys, Wolfgang was Director of Network Operations at the Online Music streaming company myplay.com and at iSyndicate, an Internet media syndication company. Earlier in his career, Wolfgang held a variety of technical positions at EDS, MCI and IBM. Wolfgang earned a Masters and a Bachelors degree in Computer Science from the Technical University of Darmstadt, Germany.