Skip to main content

Microsoft Planning Massive Security Update For Patch Tuesday

The upcoming Patch Tuesday is set to become a big one for Microsoft, as the software giant is going to address as many as 34 vulnerabilities though 13 security updates.

Of the 13 security patches, eight are to be tagged as ‘critical’, with a majority of them would plug security holes in Windows and Internet Explorer (IE) that could let hackers remotely execute codes on victim’s computer and subsequently seize control over system resources.

Along with these, the patches would further address snags in SQL Server, MS Office, Microsoft Forefront, Microsoft Developer Tools, and Silverlight. Incidentally, a couple of the patches incorporated in the October update address flaws already made public with the exploit code available.

One of the critical patches would address a flaw in the Microsoft SMB version 2.0 implementation, impacting Windows XP, 2000, Server 2003 and 2008, as well as newer iterations of Windows, including Windows 7 and Windows Vista.

If exploited, the vulnerability could enable fraudsters to gain access to Windows Vista and Server 2008 and steal data from it. Microsoft has already issued a workaround to the vulnerability last month, directing users to cut support for SMB version 2 protocol, by providing a link to Microsoft’s “Fix It” package to disable the protocol.

Our Comments

We're already used to Microsoft patch Tuesday routine, something that has now become part and parcel of any Windows sysadmin monthly to do list. Now if only Microsoft could make these updates happen in the background, that would be smashing but very unlikely to happen.

Related Links

Microsoft plans monster Patch Tuesday next week


Microsoft to patch zero-day SMB, IIS holes


Microsoft To Fix SMB, FTP Flaws In 13-Patch Update

(Channel Web)

Microsoft to Plug Windows Security Holes on Patch Tuesday


Patch Tuesday Forecast: 13 Microsoft Updates

(PC Mag)

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.