As expected, Microsoft today released its regular monthly batch of security bulletins and associated patches. This month there are seven bulletins, addressing 11 identified vulnerabilities. Two bulletins have a Critical severity rating, and five are rated Important. Six of the bulletins are for Windows and its components; every supported version of Windows is affected. One of these bulletins also affects Microsoft Office.
The remaining bulletin is for Microsoft server software, including SharePoint, Groove, Expression Web, and System Center; this bulletin is rated Important. (For a breakdown of bulletin severity by Windows version, please see this month’s preview post.) Full details, and download links, are in the Microsoft Security Bulletin Summary for January 2013.
Microsoft says that three of the Windows bulletins will definitely require a system restart; the bulletin that affects only System Center (MS13-003) will not require a restart, The other bulletins may require one, depending on the system’s configuration.
This release does not appear to include a patch for the recently-discovered vulnerability in Internet Explorer. I recommend following the suggested mitigation steps that Microsoft has suggested, if you hav enot already done so.
The handlers at the SANS Internet Storm Center have posted their usual summary of the patch release, along with their severity assessments.
As usual, I recommend applying these patches to your systems as soon as you conveniently can.