Sysadmins take note: this coming Tuesday is going to be a bit of a nightmare, with Microsoft's monthly patch cycle fixing a whopping 34 vulnerabilities across 14 bulletins.
The high patch load, confirmed by Microsoft in an
advanced notification posting on its TechNet site, lists eight of the fourteen security bulletins addressed in the patch cycle as 'Critical' - the highest rating - while the remaining six are merely 'Important.'
This monster patching session comes despite the removal of Windows XP SP2 from the company's list of supported OS versions and an out-of-band
emergency patch designed to fix the shortcut flaw in the Windows shell that saw users getting infected simply by opening Windows Explorer to a location containing a maliciously-crafted file.
The vulnerabilities due to be fixed on this latest Patch Tuesday cover all supported versions of Windows - including Microsoft's latest and greatest, Windows 7 - both on desktops and servers. Earlier Windows releases - such as Windows XP SP2 - are thought to be vulnerable to attack but no longer supported, with Microsoft advising users to upgrade to Windows XP SP3 in order to receive protection.
One of the most serious vulnerabilities - rated 'Critical' for its ability to allow an attacker to remotely execute code on the targeted machine - also affects Internet Explorer, and two more patches are designed to fix flaws in Microsoft Office. A final critical-rated patch addresses an issue in Microsoft's Silverlight plugin.
With such a selection box of patches to choose from, administrators the world over are likely to be busy on Tuesday.
Are you surprised at the sheer volume of vulnerabilities found in Microsoft's most secure version of Windows yet, or just pleased that patches to fix the flaws are forthcoming? Share your thoughts over in
the forums.
Want to comment? Please log in.