Microsoft releases eight security bulletins on "Patch Tuesday's" 10th anniversary

Happy 10th birthday, Patch Tuesday!

10 years ago this month, Microsoft made a commitment to offer better security for its various software products, including Windows. That included setting up a regularly scheduled time of the month where Microsoft would release new security bulletins. The decision was made to establish the second Tuesday of the month as the date for these software updates.

The event has come to be known informally as "Patch Tuesday" in IT circles and since then the date has come to be recognized as a positive move for Microsoft, helping to get rid of its previous reputation for not keeping in touch with customers on software updates. Today, Microsoft released the October 2013 "Patch Tuesday" security bulletins, although it made no specific effort to mention the 10th anniversary of its software update schedule.

As promised last week, there were eight bulletins in the October 2013 set of updates. Four of them are labeled as "Critical", including one that affects all versions of Internet Explorer. The patch closed a bug in IE that was already being exploited by hackers. The IE patch was also the first that will be applied to Windows 8.1, ahead of its launch on October 18th.

Source: Microsoft

Report a problem with article
Previous Story

Samsung: The next best thing since sliced bread will be curved phones; PROMISE!

Next Story

Google's Eric Schmidt says Android is 'more secure' than iOS

21 Comments

Commenting is disabled on this article.

Yuhong Bao said,
Win8.1 RTM users should be sure to download the update for IE manually using the link in the bulletin for now (the update will not go on Windows Update until probably Oct 18): https://technet.microsoft.com/.../security/bulletin/ms13-080
Update: Actually MS backed off from that quickly as you can see in the FAQ.


thanks for the information.
I was wondering why Windows Update only found Office 2013 and Flash player updates on my computer when I checked a few hours ago.

This is an unintended consequence when a company spreads itself too thin over way too many products; instead of focusing on doing a few things right the first time. The short-term obsession with the almighty dollar, will end hurting in the long-term. Oh well.

I had 27 on the 2 boxes, 5 more to go, I've updated so far, also counting Office.

Was totally shocked after seeing the notification that there was only going to be 8!!

Have had IE11 crash twice already on this machine today, since installing those updates. First crashes of ANYTHING on my machines in years!! WTF?

The patch closed a bug in IE that was already being exploited by hackers. The IE patch was also the first that will be applied to Windows 8.1, ahead of its launch on October 18th.

btw, it seems hackers have been unable to exploit that flaw in IE10/11 thanks to ForceASLR on win7/8.

only IE8/9 were targeted. On win7, hackers relied on an Office 2007/2010 dll to bypass ASLR. That is no longer possible with IE10 since ForceASLR is now enabled, which causes DLLs not marked as compatible with ASLR to use random memory locations anyway.

25 updates for Windows, Office, Silverlight, and MSE for a total of 107.9 MB. I think this might be the biggest Windows update I've received.

Happy Anniversary Patch Tuesday!

I'm not sure I'd call 107MB big. 10 years ago it would have been huge but now just a single photo off my camera is 5MB compressed. My patches came up to 98MB and it's 93% complete in the time it took me to type this.

I meant more in terms of updates not size, but maybe I have received more updates than yesterday's. Total time was about 15 mins to update my desktop but my netbook took way longer.

1for-matik said,
...and a total of 46 updates (Office 2013 included). Wow !


that's the downside of switching from service packs to continuous improvement.

Spicoli said,
How is that a downside? A big service pack after several years can be quite disruptive. Incremental changes still carry risk but don't hit you with so much at once.

last month there was issues with outlook 2013 updates (not even security updates) where email accounts disappeared from the folder list.

while it is good to have frequent bug fixes, more frequent releases means less time for testing.

personally I tend to prefer service packs, as they were more thoroughly tested by Microsoft and enterprises (because MS used to release service pack beta previews)

I'm not sure what email accounts disappearing from the folder list means. There's an account list and then a folder list under that. You can always not check that update if you want and roll it back if there's a problem. The service packs were always harder for us because it was a big all or nothing jump.

Spicoli said,

There doesn't appear to be any useful content there. What specifically are you talking about?

you were asking : "I'm not sure what email accounts disappearing from the folder list means."

the link above explains that bug.

my point is that this problem was less likely to happen with a service pack, because they are more extensively tested before being released.