Microsoft said the vulnerabilities that will be shipped this upcoming Tuesday cover Windows, Internet Explorer, Microsoft Office, and the .NET Framework.
Commenting on this month’s Patch Tuesday, Paul Henry, security and forensic analyst for Lumension, said the large patch load is “coming on the heels of recommendations from Microsoft around out-of-band patches, as well as Adobe’s huge announcement earlier this week encouraging users to quarantine 25 vulnerabilities in Reader and Acrobat. While administrators will have their hands full this week since Microsoft came out with an announcement recommending quarantining machines, it is also important to remember that it is always better to prevent infection than to have to clean it up afterwards.”
Lumension’s Henry recommends that IT administrators take “a proactive approach to patching”.
Regarding the Patch Tuesday announcement, Jason Miller, data and security team leader at Shavlik Technologies, said: “Typically, Microsoft follows a light month of patches with a heavy month of patches. Although, last month’s ‘light’ patch month contained 9 new bulletins. Microsoft announced…they will be releasing a whopping 16 new security bulletins addressing a total of 49 new vulnerabilities. This month will be particularly challenging for administrators as most patch scenarios will hit every machine on a network.”
Also, Miller suggested that administrators “look at patching the out-of-band bulletin released by Microsoft last week (MS10-070) and the Adobe critical release for Flash, Reader, and Acrobat if they have not done so yet.”
On the Wednesday Microsoft will host a webcast for anyone who has questions about all those vulnerabilities.