They say 13 is unlucky for some and today will be a nightmare for those of you who dread lengthy Microsoft updates and the restarts they often involve. Microsoft are issuing their biggest security update ever today involving 13 bulletins which will address 34 vulnerabilities. Six are listed by Microsoft as definitely requiring a restart while the rest “may require a restart”.
Reading through the Executive Summaries, it appears that eight of the updates are classed as critical and will close backdoor loopholes on Windows, Internet Explorer and Office. One of them includes a loophole caused by using Internet Explorer 8 with Windows 7. There are two critical updates relating to Service Pack 3 for Windows XP and Service Pack 3 for Office.
On the Microsoft Security Response Centre (MSRSC) blog, MSRSC’s Jerry Bryant explains:
Among the updates this month, we are closing out two current security advisories. Vulnerabilities in SMB Could Allow Remote Code Execution and vulnerabilities in the FTP Service in Internet Information Services. Usually we do not go into this level of detail in the advance notification but we felt that it is important guidance so customers can plan accordingly and deploy these updates as soon as possible.
Although the restarts are a pain, you’re advised to let Microsoft Windows Update install them as soon as possible as there are so many critical fixes in this latest batch.
Note that you can keep up-to date with details of the latest Windows updates by subscribing to Microsoft Technical Security Notifications. You can choose from Basic Alerts for general users, Comprehensive Alerts for IT managers, Security Advisory Alerts for those updates related to security issues and finally Microsoft Security Response Centre (MSRSC) Blog Alerts for first-hand explanations of the fixes and updates.