In keeping with its usual schedule, Microsoft today released a bumper crop of 17 security bulletins, and associated security patches for Windows and related software; together, the patches address more than 60 identified vulnerabilities. Nine of these bulletins have a maximum severity rating of Critical, and eight are rated Important. Thirteen of the bulletins are for Windows and its components, three are for Microsoft Office, and one is for Microsoft’s Visual Studio development tools. Microsoft rates many of these vulnerabilities as Likely to be exploited; seven of them have been publicly disclosed, and two are currently being exploited in targeted attacks.
Further details and download links are in the Security Bulletin Summary for April. Microsoft says that seven of the updates will definitely require a system reboot, and the remainder may require one, depending on your system’s configuration. As always, I encourage you to update your systems as soon as you can.
The folks at the SANS Internet Storm Center have also posted their usual monthly summary, including their severity ratings for these updates.