Windows Server administrators have a relatively light patching workload this month.
Microsoft issued nine security bulletins for August Patch Tuesday with five rated critical and the remainder ranked as important. Of the nine bulletins, just six deal with vulnerabilities in the Windows Server operating system.
"If you're an IT administrator and you're responsible for data center servers, you kind of got off easy on this one," said Tod Beardsley, senior security research manager at Boston-based Rapid7. "You should still roll out all your patches because you never know ... but you have an easy August ahead of you."
Of the patches that affect Windows Server, administrators should focus on bulletin MS16-101, which deals with Windows authentication methods, security analysts told SearchWindowsServer. The exploit affects all supported versions of Microsoft Windows -- including Windows Server 2016 Technical Preview 5-- and could let hackers elevate privileges if they execute a specially crafted application on a system joined to the Windows domain.
While it's not ranked critical, administrators should apply this patch first because "it affects the way all the clients and workstations talk to Windows Server," said Amol Sarwate, director of vulnerability labs for Qualys Inc., in Redwood City, Calif.
"The vulnerability is in the Windows NetLogon and Kerberos protocols. Both issues [are exposed] when the client talks to the server on Windows domain controller," Sarwate said.
Bulletin MS16-095 deals with an Internet Explorer vulnerability which could allow an attacker to perform a remote code execution exploit if the user goes to a specially crafted web page. The bulletin is ranked critical for client operating systems, but only moderate for Windows Server systems.
"Internet Explorer has enhanced security configuration on the server operating systems. That makes it really hard to trip any of these vulnerabilities," Beardsley said.
Additionally, most IT shops should have stringent security protocols in place to prevent an administrator from performing potentially risky procedures, such as using a browser to go on a web page while using a Windows Server machine, Sarwate said.
For more information about the remaining August Patch Tuesday security bulletins, visit the Microsoft Security TechCenter site.