Microsoft plans bumper Patch Tuesday security update

The latest bumper security update on 10 August comes just a week after Microsoft released an emergency update to patch a recently reported vulnerability in the way the operating system creates desktop shortcuts.

Including the emergency update, IT administrators will have to deal with nine bulletins with a critical rating, affecting all versions of the Windows operating system, Internet Explorer and Microsoft Office, said Wolfgang Kandek, chief technology officer at security firm Qualys.

Windows 7 and 2008 R2 have a smaller number of critical vulnerabilities than Windows XP and 2003 because of their improved security architecture, but are still affected by two critical vulnerabilities each, he said.

Internet Explorer, Office and Silverlight updates apply across the board on all Windows versions.

These are all examples of the increasingly popular trend of attackers and malware going through the installed applications rather than the core operating system, said Kandek.

Windows XP SP2 users do not have any patches supplied to them, even though the five critical vulnerabilities for XP SP3 most likely apply to their discontinued version of the operating system as well, he said.

"Windows XP SP2 users should upgrade to SP3 as quickly as possible," said Kandek.

This story was first published by Computer Weekly

What’s Hot on Infosecurity Magazine?