Optimised ITThis month Microsoft’s patch cycle will be fixing a huge 34 vulnerabilities across 14 bulletins. The high patch load, confirmed by Microsoft in an advanced notification
posting on its TechNet site, lists eight of the fourteen security bulletins addressed in the patch cycle as ‘Critical’ – the highest rating – while the remaining six are ‘Important.’
This huge patching session comes despite the removal of Windows XP SP2 from the company’s list of supported OS versions and an out-of-band emergency patch designed to fix the shortcut flaw in the Windows shell that saw users getting infected simply by opening Windows Explorer to a location containing a maliciously-crafted file.
The vulnerabilities due to be fixed on this latest cycle cover all supported versions of Windows, including Microsoft’s latest O/S Windows 7, both on desktops and servers. Earlier Windows releases are thought to be vulnerable to attack but no longer supported, with Microsoft advising users to upgrade to Windows XP SP3 in order to receive protection.
One of the most serious vulnerabilities – rated ‘Critical’ for its ability to allow an attacker to remotely execute code on the targeted machine – also affects Internet Explorer, and two more patches are designed to fix flaws in Microsoft Office. A final critical-rated patch addresses an issue in Microsoft’s Silverlight plugin.
