Microsoft plans gigantic Patch Tuesday next week
Slates record-tying 34 patches for Windows, IE, Office and SharePoint
Computerworld - Microsoft today said it will deliver 10 security updates next week to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer, Office and SharePoint.
The patches will also quash two bugs that Microsoft acknowledged in February and April.
"I'd actually call this a moderate month," said Andrew Storms, director of security operations at nCircle Security. "Looking at the criticality of the bulletins, and the fact that the number [of bulletins] is low, it doesn't look like a huge month to me."
By the numbers, however, next week's updates will be huge. Although the 10 updates fall short of the record of 13 -- first set in October 2009, then repeated in February 2010 -- Microsoft will fix a total of 34 vulnerabilities, the same number as the current record, also set last October.
Microsoft has been shipping alternating large and small batches of fixes, with the larger-sized updates landing in even-numbered months. In May, for example, the company issued just two bulletins that patched two vulnerabilities. April's collection, meanwhile, amounted to 11 bulletins that fixed 25 flaws.
The monthly advance notification spelled out the patches expected to appear next Tuesday.
Of the 10 updates, Microsoft labeled three as "critical," the highest threat ranking in the company's four-step system. The seven remaining patches have been pegged as "important," the next step down from critical. Two of the three critical updates will address issues in Windows, while the third will tackle Internet Explorer (IE).
All six updates affecting Windows will impact Microsoft's newest operating system, Windows 7. And with one exception -- Windows 2000 and Windows XP will not need Bulletin 9 -- all currently-supported versions of Windows will require all the patches.
"There's no safe harbor this month," said Storms.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts