Prepare for Record Patch Tuesday

Nibiru2012

Quick Scotty, beam me up!
Joined
Oct 27, 2009
Messages
4,955
Reaction score
1,302
From PC World 8-6-2010

Next Tuesday Microsoft will unleash 14 new security bulletins, addressing a record-tying 34 vulnerabilities. In the wake of the out-of-band patch issued for the Windows shortcut security flaw, and with an upcoming out-of-band patch from Adobe as well--IT admins need to a plan of action for implementing the deluge of updates.

Issuing 14 security bulletins in one month is a new one, but the record of patching 34 different flaws is not so uncommon any more. This is the third or fourth time that has occurred in just the past year. Microsoft has experienced a feast or famine flow of updates with virtually no security bulletins one month, followed by a massive batch of security bulletins the next. Microsoft has also had an unusual number of out-of-band patches this year to address attacks against zero-day vulnerabilities.

Wolfgang Kandek, CTO of Qualys, provides a brief analysis of the upcoming Microsoft patches on his blog. "Including the LNK update, 9 bulletins have a rating of critical and affect all version of the Windows OS, Internet Explorer, Silverlight and Microsoft Office."

However, Kandek goes on to clarify that "Windows 7 and 2008 R2 have a smaller number of critical vulnerabilities than Windows XP and 2003 in function of their improved security architecture, but are still affected by 2 critical vulnerabilities each."

Month after month of Microsoft security bulletins continue to illustrate one very crucial fact--Windows 7 (and Windows Vista) are far superior to Windows XP when it comes to security and stability. Windows 7 just passed Windows Vista in market share, but the two combined still only have half the audience of the archaic--and insecure--Windows XP.

For the organizations out there that are still using Windows XP--hopefully they have at least updated it to SP3. As of last month, Microsoft is no longer providing updates or support for Windows XP SP2 or Windows 2000.

Qualys' Kandek stresses "Windows XP SP2 users do not have any patches supplied to them, even though the 5 critical vulnerabilities for XP SP3 most likely apply to their discontinued version of the OS as well. Windows XP SP2 users should upgrade to SP3 as quickly as possible."

No OS is perfect--and Windows 7 is no exception--but Windows 7 has significantly fewer critical vulnerabilities. With a more secure OS, IT admins don't have less to be concerned with, and less cause for urgency to assess and implement the patches once they are released.

Regardless of what version of Windows your company employs--IT admins consider yourselves warned. It's going to be a busy week next week.

SOURCE
 

TrainableMan

^ The World's First ^
Moderator
Joined
May 10, 2010
Messages
9,362
Reaction score
1,587

catilley1092

Win 7/Linux Mint Lover
Joined
Nov 13, 2009
Messages
3,507
Reaction score
563
I had fourteen on 7 Pro, sixteen on Ultimate. Updating went very smoothly on both installs.

But one thing that the report doesn't mention, you can deploy Win 2K with all updates that was available to it at the end of it's support. It will fully update. Just today, I created a VM with 2K as the guest OS. I plan to add a couple more, but one is enough for me for a few days.

Cat
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top