14 DAY TRIAL // Microsoft will patch Critical vulnerabilities in both Windows and Internet Explorer next week, with the release of this month’s collection of security updates.
Only the most severe of security holes are rated Critical by the Redmond company, to point out that potential attackers could remotely compromise and take over user machines.
On October 11, 2011, the software giant will release no less than eight security bulletins, covering a range of products, including Internet Explorer, .NET Framework and Silverlight, Windows, Microsoft Forefront UAG, and Microsoft Host Integration Server, according to Pete Voss, Sr. Response Communications Manager Microsoft Trustworthy Computing.
Only two of the patch packages scheduled for release next month are considered Critical, with the remainder all carrying a rating of just Important.
Regardless of the rating, it’s always best for customers to deploy all patches from Microsoft as soon as they’re made available, but especially Critical updates, since attackers can easily reverse engineer the fixes in order to discover vulnerabilities and built exploits which they can take advantage of.
According to the Security Bulletin Advance Notification for October 2011, customers running Windows 7 Service Pack 1 (SP1) will need to apply both Critical updates and another three Important patches.
Microsoft notes that while one of the Critical patches is designed to plug vulnerabilities in IE, the other comes to resolve issues impacting .NET Framework and Silverlight.
Customers running Internet Explorer 9, but also earlier versions of IE, will need to patch their browser, including in scenarios where it’s running on top of Windows 7 SP1.
I sent an email over to Microsoft and I’m waiting for some additional details on October 2011 Patch Tuesday, if they’ll want to share that is, at which time I’ll provide an update to users. So make sure and keep your eyes on this space.