Microsoft plans gigantic Patch Tuesday next week
Slates record-tying 34 patches for Windows, IE, Office and SharePoint
Computerworld - Microsoft today said it will deliver 10 security updates next week to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer, Office and SharePoint.
The patches will also quash two bugs that Microsoft acknowledged in February and April.
"I'd actually call this a moderate month," said Andrew Storms, director of security operations at nCircle Security. "Looking at the criticality of the bulletins, and the fact that the number [of bulletins] is low, it doesn't look like a huge month to me."
By the numbers, however, next week's updates will be huge. Although the 10 updates fall short of the record of 13 -- first set in October 2009, then repeated in February 2010 -- Microsoft will fix a total of 34 vulnerabilities, the same number as the current record, also set last October.
Microsoft has been shipping alternating large and small batches of fixes, with the larger-sized updates landing in even-numbered months. In May, for example, the company issued just two bulletins that patched two vulnerabilities. April's collection, meanwhile, amounted to 11 bulletins that fixed 25 flaws.
The monthly advance notification spelled out the patches expected to appear next Tuesday.
Of the 10 updates, Microsoft labeled three as "critical," the highest threat ranking in the company's four-step system. The seven remaining patches have been pegged as "important," the next step down from critical. Two of the three critical updates will address issues in Windows, while the third will tackle Internet Explorer (IE).
All six updates affecting Windows will impact Microsoft's newest operating system, Windows 7. And with one exception -- Windows 2000 and Windows XP will not need Bulletin 9 -- all currently-supported versions of Windows will require all the patches.
"There's no safe harbor this month," said Storms.
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Malware and Vulnerabilities White Papers | Webcasts