Today is the second Tuesday of March, so, in keeping with its usual schedule, Microsoft has released this month’s batch of security bulletins and patches for Windows and related software. This month, there are six patches, for six identified vulnerabilities. Four of the patches are for Windows itself, one of which is rated Critical; all supported versions of Windows are affected. For a breakdown of patches by version and severity, check this month’s preview post.
There are also patches for Microsoft’s development tools: one for Visual Studio, and one for Expression Design, both rated Important.
Further details, and download links, are in the Security Bulletin Summary for March 2012. Microsoft says that three of the patch installations will definitely require a system restart, and the others may require one, depending on the configuration of your system.
As always, I recommend that you update your systems as soon as you conveniently can.
The folks at the SANS Internet Storm Center have posted their customary summary of this month’s bulletins, together with their severity ratings and suggestions.
Update Tuesday, 13 March, 17:16 EDT
The folks at SANS have rated one of the Windows patches, MS12-020, for servers as their most urgent category, Patch Now. (Microsoft rated it as Critical.) They have posted a diary entry explaining their rating. I think they make a good case for attending to this as a matter of urgency for your servers.