Microsoft Patches Coming Tuesday: Brace Yourself

Here are two keys words for Microsoft Windows shops to remember come this Patch Tuesday: "six" and "restart."

Six is the number of a critical bulletins Microsoft will release on February 9 that affect all the currently supported versions of Windows on both the desktop and server.

And a system restart will be required for these Windows patches, which will mean down time for servers. In fact, 10 of the record-tying 13 bulletins require a restart.

In all, five are listed as critical, seven important and one moderate.

Microsoft getting better at Patch Tuesday updates, experts say

The last time Microsoft had so many bulletins was in October 2009. In the preliminary patch information issued Thursday, Microsoft does not say how many total vulnerabilities are in those 13 bulletins. In October, the number was 34. Experts say on average there are two vulnerabilities per bulletin.

"Bulletin six is definitely key, we can see that both server teams and desktop teams are going to be impacted," says Don Leatham, senior director of solutions and strategy for Lumension.

Leatham says IT teams should look at their maintenance windows and see how and when they can get these critical patches out.

"With bulletin six it might be worthwhile to move up the maintenance window if need be," he says. Many organizations with patching policies time server maintenance with patch releases.

Leatham says users should not wait to scramble on Tuesday but instead should start prepping as soon as possible.

"Usually when there have been bulletins like this in the past that cover every single Windows platform it means it could be fairly low level in the OS," he says.

This month, the other trend is that there are fewer patches on the applications side. Only two patches address applications and both are for Microsoft Office.

Microsoft had a single patch last month, which was in the font engine of Windows.

Follow John on Twitter: twitter.com/johnfontana

Read more about wide area network in Network World's Wide Area Network section.

Subscribe to the Security Watch Newsletter

Comments