Microsoft is lining up 17 security bulletins to address as many as 64 vulnerabilities in Windows, Office, Internet Explorer, Visual Studio, .NET Framework and GDI+ as part of their Patch Tuesday monthly fix cycle. April's batch of updates ties the count of December 2010 as the most ever issued by the company -- though that time it was for a total of 40 flaws. According to Microsoft, 9 of the 17 bulletins will be rated "critical," while the remaining 8 are marked "important."
All critical flaws being addressed carry the risk of remote code execution, including the Windows Server Message Block (SMB) network and file-sharing protocol that was disclosed in February. From the important bulletins, six of them address remote code execution issues, one deals with privilege escalation, and the last one fixes a security flaw that can lead to information disclosure.
All versions of Windows are affected by this batch of updates and seven of the bulletins have mandatory restarts, so it looks like system administrators will have their hands full deploying April's batch of patches. Not included in the list of patched software is Internet Explorer 9; apparently this latest version of Microsoft's browser immune to the flaws being patched. You can read the monthly advance notification detailing the affected software here.
Comments
Post a Comment