Patch Tuesday: whopping 64 vulnerabilities, 17 bulletins

Microsoft is set to release a record breaking Patch Tuesday that contains 17 bulletins, fixing 64 vulnerabilities, according to the advanced notification. Microsoft patches security holes and vulnerabilities in all of their software products on the second Tuesday of each month.

This month Microsoft will patch a whopping 64 vulnerabilities, the most the company has ever served up in a single month. Out of the 17 bulletins, nine have been labeled critical, Microsoft highest security rating, while the remaining eight are labeled as important. From the 17 bulletins, the patches will address a number of remote code executions, information disclosure and elevation of privilege.

The security vulnerabilities are found in multiple versions of Microsoft Windows, Microsoft Office, Internet Explorer, and Visual Studio.

Affected software:

  • Internet Explorer 6, 7 & 8
  • Windows XP SP3
  • Windows Vista SP1 & SP2
  • Windows 7 & SP1
  • Windows Server 2003 SP2
  • Windows Server 2008 SP2 & R2
  • Microsoft Office XP SP3
  • Microsoft Office 2003 SP3
  • Microsoft Office 2007 SP2
  • Microsoft Office 2010
  • Microsoft Office for Mac 2004
  • Microsoft Office for Mac 2008
  • Microsoft Office for Mac 2011
  • Open XML file format converter for Mac
  • Microsoft Excel viewer SP2
  • Microsoft PowerPoint viewer 2007 SP2
  • Microsoft Office compatibility pack for Word, Excel and PowerPoint SP2
  • Microsoft Office Web Apps
  • Visual Studio .NET 2003 SP1
  • Visual Studio 2005 SP1
  • Visual Studio 2008 SP1
  • Visual Studio 2010
  • Visual Studio C++ 2005 SP1
  • Visual Studio C++ 2008 SP1
  • Visual Studio C++ 2010

Some of these updates will require a restart. Affected software includes both 32-bit and 64-bit, where applicable.

Report a problem with article
Previous Story

Windows 8 to use SmartScreen for file checking

Next Story

Do we really want NFC payments?

40 Comments

Commenting is disabled on this article.

I suppose this is to be expected the month after CanSecWest! Still it`s a lot loter updates

Wonder if it covers the SLAAC attack 0Day`er

And no one is commenting about Microsoft's copy&paste factory which reminds me more of "Metropolis" movie than of thinking/innovating software company.
All Win7 sp1 / Win server 2008 R2 sp1 security bugs date back to winNT/win2000. SMB bugs, fixed and re-re-fixed for the 20th time date back to win 3.1. The lastest new-out-of-press IE9 exploit date back to IE6 as are some other IE exploits.....

sCrAtCh420th said,
another reason i lean towards linux everyday

Got news for you - Linux has it no easier. In fact, it can actually be *worse* - openSuSE *typically* has darn near two hundred patches to their last-released (not beta or development) distribution weekly.

You did read that right.

Most of them are, in fact, security-related (the equivalent of Microsoft's critical patches).

I'm not a die-hard Windows fanatic (until I got the capability to run openSuSE x664 in a VM, that is what I dual-booted with 7 Ultimate x64) - in fact, I prefer openSuSE to most other Linux distributions (and it's miles ahead of Kubuntu). But Linux is still not exactly problem-free, even compared to Windows XP.

Also, have the patches been broken down by which are OS-specific (say, Vista-specific, for example) as opposed to multiple-OS patches (neither Vista or 7 would need patches relating to IE 6, for example).

App V, Med V, XP Mode all negate the reasons to keep you off win7 --- Corporate IT needs to suck it up and get it done... XP MUST DIE!

Matt A. Tobin said,
App V, Med V, XP Mode all negate the reasons to keep you off win7 --- Corporate IT needs to suck it up and get it done... XP MUST DIE!

there ain't nothing wrong with XP. true it is dated but that is about it. it still works fine.

soldier1st said,

there ain't nothing wrong with XP. true it is dated but that is about it. it still works fine.

Exactly. We had this discussion in our weekly meeting this week. Nothing wrong with XP in a corporate environment. Whenever you ask someone why would a corporation need 7, most of the responses are that it has a cool interface. Sorry, but it's not worth the hassle to upgrade 40k machines for a "cool interface." Any one that has ever said that has never done support.

notta said,

Exactly. We had this discussion in our weekly meeting this week. Nothing wrong with XP in a corporate environment. Whenever you ask someone why would a corporation need 7, most of the responses are that it has a cool interface. Sorry, but it's not worth the hassle to upgrade 40k machines for a "cool interface." Any one that has ever said that has never done support.

Anyone who seriously believes that the only real thing Win7 offers is a cool new interface doesn't need to work in support and probably shouldn't be anywhere near a computer. The its not broken don't fix it approach becomes a bit insane after a while. Can you imagine if you could run a legacy version of Ubuntu or Redhat for a decade (with full support and the latest updates)?

With the amount of updates that XP has had since SP3 was released I think it's time they compile a SP4 for the OS as it's still going strong.

sava700 said,
With the amount of updates that XP has had since SP3 was released I think it's time they compile a SP4 for the OS as it's still going strong.

..... or at least a roll-up like they used to do anyways.

sava700 said,
With the amount of updates that XP has had since SP3 was released I think it's time they compile a SP4 for the OS as it's still going strong.

Its v doubtful, same happened with Win2000. Create your own slipstream image with all the updates. Dead easy using something like nLite

SHoTTa35 said,

..... or at least a roll-up like they used to do anyways.

They might do this, at least once. After that you're on your own update wise.

sava700 said,
With the amount of updates that XP has had since SP3 was released I think it's time they compile a SP4 for the OS as it's still going strong.

It's in extended support. No more SPs. They don't (and shouldn't IMO) care about XP diehards who absolutely want to reinstall XP on new computers

Aethec stated...
They don't (and shouldn't IMO) care about XP diehards who absolutely want to reinstall XP on new computers
It may be corporate IT policy that prevents the install of Windows 7 because of some legacy software the company does not want to spend the money in upgrading.

Don't forget, too, that there are people who are more concerned about doing more with less, and are more concerned about paying the rent and putting food on the table than getting a new computer at the moment... especially when the old computer still can browse the Internet, read e-mail, and write documents.

Z'Loth said,
Don't forget, too, that there are people who are more concerned about doing more with less, and are more concerned about paying the rent and putting food on the table than getting a new computer at the moment... especially when the old computer still can browse the Internet, read e-mail, and write documents.

It's not so much falling into the usual inane XP vs 7 argument, but new installs versus updates. Microsoft still has to support XP, hence XP still getting security updates. What Microsoft doesn't support/want/whatever is new XP installs. There's nothing stopping you from re-installing XP of course, but you can't honestly expect them to take the time, effort and money to make new install images of a legacy product. There's just no reason for them to do so. (Of course, you can slipstream them yourself...)

warwagon said,
Just about time for my monthly reboot.

Right it's it great that windows has finally become stable enough that the only time we have to reboot is when we install something. I actually get a tad angry when I install something and it requires a reboot. Most don't "require" it but makes you do it anyway

thequestor said,

Right it's it great that windows has finally become stable enough that the only time we have to reboot is when we install something. I actually get a tad angry when I install something and it requires a reboot. Most don't "require" it but makes you do it anyway

Exactly. I installed the new version of Roboform. Not only did i tell me to reboot, but it wouldn't let me open the application until i did. *&#$*_)$*#)_((#

warwagon said,

Exactly. I installed the new version of Roboform. Not only did i tell me to reboot, but it wouldn't let me open the application until i did. *&#$*_)$*#)_((#

Most programs will only require you to reboot if the file was in use at the time of the installation and it needs to replace the file.

PotatoJ said,
Unless your school requires the latests updates to allow you on the network >_>

Which is why I reboot once a month. Just to install the latest updates.

warwagon said,

Which is why I reboot once a month. Just to install the latest updates.

I used to keep my computer on 24 hours a day then I realised how much money I save by turning off at night when I don't use it. Also there is the environment if you believe in that kind of stuff. I don't, I just enjoy the money I save.

What reason do people have to keep their computers on 24 hours a day? I can understand when you use to download large files over a dial-up but that is not the case for most people any more.

stevember said,

What reason do people have to keep their computers on 24 hours a day?

Most people just send their computer to sleep. At least that is what I do.

stevember said,

I used to keep my computer on 24 hours a day then I realised how much money I save by turning off at night when I don't use it. Also there is the environment if you believe in that kind of stuff. I don't, I just enjoy the money I save.

What reason do people have to keep their computers on 24 hours a day? I can understand when you use to download large files over a dial-up but that is not the case for most people any more.

I have NEVER left any of my computers on 24/7, even on dial up, and have NEVER figured out why people do that either. Some people just don't care about wastes of ANY type!! Also part of why I have 8 machines. Can play on a different one everyday and thusly save wear and tear!!

Dang though!! This sure is going to be whopper update!!

I leave two computers on 24/7. One is my server which actually hosts my website and is also my backup computer. Then my desktop, which I see no reason to turn it off. Most of the time I'm up during the night and I'm just too anal to turn it off.

stevember said,

I used to keep my computer on 24 hours a day then I realised how much money I save by turning off at night when I don't use it. Also there is the environment if you believe in that kind of stuff. I don't, I just enjoy the money I save.

What reason do people have to keep their computers on 24 hours a day? I can understand when you use to download large files over a dial-up but that is not the case for most people any more.

If you download really large (and legal) files, such as Linux distribution ISOs (or, in my case, ISOs of Windows desktop and server OSes and development tools), that is best done at night (or, in the case of the Linux distributions, via p2p, which can chew up some serious time, even overnight), even if you have a fast cable or fiber connection (more often than not, your end is less bandwidth-choked than the hosting server; which is another reason to opt for "nightowl-downloads").

PGHammer said,

If you download really large (and legal) files, such as Linux distribution ISOs (or, in my case, ISOs of Windows desktop and server OSes and development tools), that is best done at night (or, in the case of the Linux distributions, via p2p, which can chew up some serious time, even overnight), even if you have a fast cable or fiber connection (more often than not, your end is less bandwidth-choked than the hosting server; which is another reason to opt for "nightowl-downloads").

Yes, but still not every night.

stevember said,

What reason do people have to keep their computers on 24 hours a day? I can understand when you use to download large files over a dial-up but that is not the case for most people any more.

Mine stays on to Fold 24/7 unless it needs a reboot in which case it get the reboot and carries on folding

stevember said,

I used to keep my computer on 24 hours a day then I realised how much money I save by turning off at night when I don't use it. Also there is the environment if you believe in that kind of stuff. I don't, I just enjoy the money I save.

What reason do people have to keep their computers on 24 hours a day? I can understand when you use to download large files over a dial-up but that is not the case for most people any more.

I run my own computer repair business, and a lot of times customers will call me in the morning and wake me up. I keep my computer on all the time so when they wake me up I can go right to my computer and pull up their account on quickbooks.

warwagon said,

Exactly. I installed the new version of Roboform. Not only did i tell me to reboot, but it wouldn't let me open the application until i did. *&#$*_)$*#)_((#

Doesn't happen with me. Just close all folders and browser then install. What i don't like is that it opens the browser after install everytime just to thank you for installing/purchasing. Annoying since if I want to reboot or whatnot I have to wait for all my tabs to load up.