MS Patch Tuesday heads-up: 7 bulletins, 23 vulnerabilities 5/3/12
-
MS Patch Tuesday heads-up: 7 bulletins, 23 vulnerabilities 5/3/12
Microsoft’s May batch of security patches will include fixes for at least 23 serious security vulnerabilities affecting the Windows ecosystem.
According to an
advance notice from Microsoft, there will be a total of 7 bulletins addressing 23 security holes in Microsoft Windows, Office, Silverlight, and .NET Framework.
Three of the seven bulletins will be rated critical because of the risk of remote code execution attacks.
All the others will carry an “important” rating and will cover vulnerabilities that can cause code execution of privilege escalation attacks.
All versions of Microsoft’s flagship Windows operating system are affected by this month’s releases, including the newest Windows 7 and Windows Server 2008 R2.
Read more:
MS Patch Tuesday heads-up: 7 bulletins, 23 vulnerabilities | ZDNet
Microsoft Security Bulletin Advance Notification for May 2012
-
-
Thanks Borg. I'll never understand why MS doesn't release patches right after they create/test them rather than waiting for the 'release date'. On top of this, they let everyone know just what is going wrong, incase, you know, someone wants to exploit it or something. I'm sure they put them up on the site soon enough, but it would be nice to have them through Windows update a little sooner. something to think on :)
-
I generally wait a day or 2 before applying them, just to see if anything is causing any problems. But you would think they would issue some of the more important ones immediately.
-
-
fwiw
Patch-deployment costs
Earlier versions of the Windows Update system suffered from two problems. The first was that less-experienced users were often unaware of Windows Update and did not install it; Microsoft's solution was the "Automatic Update," which notified each user that an update was available for their system. The second problem was that customers, such as corporate users, with many copies of Windows not only had to update every Windows deployment in the company but also uninstall patches issued by Microsoft that broke existing functionality.
In order to reduce the costs related to the deployment of patches, Microsoft introduced "Patch Tuesday" in October 2003.
Source
Patch Tuesday - Wikipedia, the free encyclopedia
-
Well, alright. Never would have thought that it would be expensive having existing employees put the patches up. I for one would not enjoy searching for patches, and will continue using win update. Thanks for the fyi David
-
Thanks Borg. I'll never understand why MS doesn't release patches right after they create/test them rather than waiting for the 'release date'. On top of this, they let everyone know just what is going wrong, incase, you know, someone wants to exploit it or something. I'm sure they put them up on the site soon enough, but it would be nice to have them through Windows update a little sooner. something to think on :)
Patches go through an accelerated Beta cycle (usually), and are released on the second Tuesday of the month to allow network management teams to schedule patch testing and distribution.
Until SP1 for XP was released, patches were posted as soon as available - and it got to the point where network managers were in a continual headspin, as a new patch was released before the last could be tested. The consensus was that the switch to Patch Tuesday was a much-improved state of affairs.
-
-
^ Ah, so MS is taking into consideration companies as well as home consumers. I suppose that does make it easier...