Microsoft is preparing for its biggest-ever Patch Tuesday -- and analysts said IT administrators should do the same. The software giant will issue 13 bulletins to address 34 security vulnerabilities across a wide range of products. Eight of the bulletins come with critical ratings, including two for vulnerabilities that are already being exploited.
The patches cover Office, SQL Server, Internet Explorer, and Microsoft developer tools, as well as all currently supported versions of Windows, including the yet-to-be released Windows 7. The previous largest Patch Tuesdays were 12 bulletins in October 2008 and November 2007.
Avoiding IT Headaches
"Microsoft is releasing a heavy load of patches to organizations next Tuesday with eight critical and five important vulnerabilities," said Paul Zimski, vice president of market strategy for Lumension. "Overall, the advanced bulletin from Microsoft further illustrates the importance of a strong patching solution, as IT administrators will spend a lot of extra time patching this month if they don't have a proper process in place."
Zimski pointed to several standout bulletins coming Tuesday. One he highlighted is Bulletin 13, which is labeled as critical. Zimski said this bulletin raises a red flag because it affects a large number of operating systems, core services, and applications.
"It is most likely a low-level vulnerability shared within the operating system itself that needs to be fixed," Zimski said. "Before deploying this patch into production environments, however, it will be important to test it vigorously to ensure services are not impacted by unexpected results."
Bulletin 5 presents an increased threat for what is typically called drive-by malware -- which users download without understanding the consequences or browser exploitation without the user's knowledge.
Zimski sees an increased threat because the bulletin concerns the most current versions of Internet Explorer -- versions 7 and 8 -- on multiple operating-system platforms. That, Zimski said, makes this vulnerability a prime target for malware writers and malicious web operators.
"On Tuesday, organizations should also pay close attention to the details listed in Bulletins 7 and 9, two 'important' vulnerabilities, to determine how critical they are within their business environments," Zimski said.
Zimski said vulnerabilities involving spoofing and elevation of privilege should raise an alarm for IT administrators as they can potentially have a big impact on verifying trusted destinations and controlling user privileges. Those are things over which IT never wants to lose control.
In addition to these bulletins, Zimski said all the critical vulnerabilities are labeled as remote code execution across a broad variety of Windows platforms. They will require a restart.