Microsoft Launches Biggest Security Patch Cycle Ever

Setting a busy week ahead for IT administrators and managers, Microsoft in its traditional Patch Tuesday cycle released security patches for a record number of vulnerabilities, addressing 31 security issues in its Windows operating systems, Office suite, Internet Explorer, and other products.

The security-updates were bundled into 10 different bulletins, five of which have been dubbed “critical”, with as many as 15 of the 31 vulnerabilities are expected to be exploited within next 30 days or so. With such a notable count of security patches, Microsoft has comfortably surpassed its previous record of 26 vulnerabilities it patched back both in August 2006 and August 2008.

The update, codenamed as “MS09-019”, plugs as many as eight security holes in its IE web browser, including the vulnerability that enabled a hacker to perform arbitrary codes remotely on systems running the latest iteration of IE 8 at the Pwn2Own hacker contest back in March.

Another security patch addresses the WebDAV vulnerability in the software maker’s Internet Information Services server that enabled hackers gain access to some of the restricted parts of a server by plugging a specially crafted address into the browser.

In addition to this, Microsoft also plugged a variety of security holes in its Excel, Windows Server, Windows Search, and Office suite.

You can follow on Twitter@itproportal.

Our Comments

Never thought there would be that many patches. 31 security patches for applications as mature as Windows XP or Office is quite a big number. It is very likely that the next few months will see another record number of patches released as more people play around with Windows 7, Office 2010 and IE8.

Related Links

Microsoft patches record number of security bugs

(The Register)

Colossal Patch Tuesday addresses 31 Windows, IE8 vulnerabilities


Microsoft sets record with monster Windows, IE, Office update


Monster Patch Tuesday breaks records

(PC Pro)

Microsoft issues latest round of security patches