Bah Humbug! Microsoft Plays Scrooge with Record Patch Tuesday

Next Tuesday is the final Patch Tuesday of the year for Microsoft, and apparently we're going to close 2010 with a bang. Microsoft revealed that Patch Tuesday will include a record 17 security bulletins and keep IT admins scrambling for the final days leading up to the traditional holiday break.

2010 has been a busy year for Microsoft security bulletins. The 17 security bulletins for December will put Microsoft over the century mark with 106 bulletins for the year--a 43 percent jump from the 74 security bulletins unleashed in 2009.

The security bulletins cover the range of Microsoft software including all versions of Windows, as well as Internet Explorer, Microsoft Office, SharePoint, and Exchange. All 17 of the security bulletins are listed as either "Requires restart" or "May require restart", so IT admins should be prepared for the fact that systems will need to be rebooted to complete the patch process.

Wolfgang Kandek, CTO of Qualys, empathizes with IT admins in a post on his blog. "The high number of advisories will present a challenge to all Windows system administrators, especially with the holidays shortening the available working hours."

There are two significant positives to this massive Patch Tuesday. First, out of 17 security bulletins, only two are rated as Critical. Percentage-wise, that represents just over 10 percent of the total and makes the record Patch Tuesday seem a little less intimidating. In a bizarre reversal of fortunes, one of the Critical bulletins impacts newer systems running Vista and Windows 7, but is rated only Important for Windows XP SP3.

The second Critical bulletin impacts Internet Explorer versions 6, 7, and 8. Kandek explains, "This update also provides a fix for the open zero-day vulnerability KB2458511, which has seen some exploits in the wild. Our recommendation will be to apply the patch as soon as possible."

The other shining light for this Patch Tuesday is the fact that Microsoft is closing the remaining zero-day vulnerability exploited by the Stuxnet worm. Kandek clarifies, "Microsoft is providing an update rated 'Important' because it addresses a privilege escalation bug, i.e. requires the attacker to be already on the machine to be exploited."

There is still a little cliff-hanging teaser on the table, though, to give IT admins something to look forward to for 2011 as well. According to Kandek, "VUPEN has documented a new vulnerability in IE6, 7 and 8 that so far has not been acknowledged by Microsoft."
