Today is the second Tuesday of January, so, in keeping with its usual schedule, Microsoft has released this month’s batch of security bulletins and patches for Windows and related software. This month, there are seven patches, for eight identified vulnerabilities. Six of the patches are for Windows itself; all supported versions of Windows are affected. One of the patches has a maximum severity rating of Critical; the other five Windows patches are rated Important. For a breakdown of patches by version and severity, check this month’s preview post.
The remaining patch, rated Important, is for Microsoft’s developer tools, specifically Microsoft Anti-Cross Site Scripting Library V3.x and V4.0.
Further details, and download links, are in the Security Bulletin Summary for January 2012. Microsoft says that four of the patch installations will definitely require a system restart, and the others may require one, depending on the configuration of your system.
As always, I recommend that you update your systems as soon as you conveniently can.
Update Tuesday, 10 January, 15:48 EST
The folks over at the SANS Internet Storm Center have posted their customary monthly summary of Microsoft’s patches, along with their estimate of the severity of the flaws patched.