Heavy Patch Tuesday for February


Microsoft will be releasing 12 updates in February's Patch Tuesday next week to address a total of 57 vulnerabilities. According to Microsoft's Advance Notice released yesterday, five of these were rated as "Critical," while the remaining were pegged as "Important."

This heavier-than-usual update from Microsoft (NASDAQ: MSFT) will resolve vulnerabilities that were discovered in Windows, Internet Explorer and Microsoft Office. Other products that are affected include Windows Server, Microsoft Exchange, Microsoft FAST Search Server and the .NET Framework.

Of note are the sheer number of Windows operating system versions that were affected this month, with "critical" updates affecting Windows XP up to the new Windows RT.

"It's never a good sign when your current code base is impacted," wrote Paul Henry, security and forensic analyst at Lumension, in an email. "We hope that this month is a one-time spike and not a return to the to-to pattern of 2011."

Rapid7's Senior Manager of Security Engineering, Ross Barrett, noted that the clustering of updates around the Windows OS is good in that fewer overall products are affected. On the flip side, Barrett noted "it's bad because an organization with even the simplest deployment of Microsoft products will probably be hit by all of these advisories." This translates into both desktop and server teams being "extra busy."

For more:
- check out this article at ZDNet

Related Articles:
Microsoft kicks off 2013 with 7 Patch Tuesday security bulletins
7 bulletins for final Patch Tuesday of 2012