Microsoft Patch Tuesday Preview, January 2014

January 13, 2014

In keeping with its customary schedule, Microsoft on Thursday released its Security Bulletin Advance Notification for January 2014, summarizing the security bulletins, and associated patches, that it plans to release Tuesday, January 14.  This will apparently be a relatively light month, with only four bulletins slated for release; all four have an Important severity rating.

Two of the bulletins are for Windows itself.  One affects Windows XP and Server 2003; the other affects Windows 7, Server 2008R2, and Server Core.  Other versions of Windows (Vista, Server 2008/SP2, 8, 8.1, RT, RT 8.1, and Server 2012) are not affected at all.

One bulletin affects Microsoft Office and server software: Word, Word Viewer, Share Point Server, and WebApps.  The final bulletin affects Microsoft ERP package, Dynamics AX.

Microsoft says that the two Windows bulletins will require a system restart; the others may require one, depending on your system’s configuration.

As always, this information is subject to change in the final release.  I will post another note here if there appear to be significant changes.


Microsoft Patch Tuesday, December 2013

December 10, 2013

Microsoft today released its regular monthly batch of security updates for Windows and other software, summarized in the Security Bulletin Summary.  This month, there are 11 bulletins, addressing 24 identified vulnerabilities.  Five of the bulletins have a Critical severity rating; the other six are rated Important.  Six of the bulletins apply to Windows and its components and four apply to Microsoft Office.   There are also patches for Exchange, SharePoint, Office Web Apps, and Lync server software, as well as for some Microsoft developer tools. (The complete list of affected software is given in the Security Bulletin Summary, along with download links for the patches.)

All supported versions of Windows have at least two Critical bulletins.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 3 2
Windows Vista 4 1
Windows Server 2003 2 3
Windows Server 2008 3 2
Windows 7 3 1
Windows Server 2008 R2 2 2
Windows 8 3 1
Windows RT 3 1
Windows Server 2012 2 2
Windows Server 2012 R2 2 2
Windows 8.1 3 1
Windows RT 8.1 3 1
Windows Server Core 3 1

One bulletin applicable to Office is rated Critical; the others are rated Important.

Microsoft says that four of the bulletins for Windows will definitely require a restart; the other bulletins may require one, depending on your system’s configuration.

The SANS Institute has published its usual post summarizing the updates, with their assessment of the severity of each bulletin.


Microsoft Patch Tuesday Preview, November 2013

November 11, 2013

On Thursday, in keeping with its usual schedule,  Microsoft released the Security Bulletin Advanced Notification for November 2013, previewing the security bulletins and associated patches it intends to release on Tuesday, November 12, 2013.   This month there are eight bulletins in all; three of these have a maximum security rating of Critical; the others are rated Important.  Six of the bulletins affect Windows and its components.  Two bulletins affect Microsoft Office.   More details on specific versions are given in the Advanced Notification.

All supported versions of Windows have at least one Critical bulletin.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 3 2
Windows Vista 3 2
Windows Server 2003 1 3 1
Windows Server 2008 1 3 1
Windows 7 3 2
Windows Server 2008 R2 1 3 1
Windows 8 3 3
Windows RT 3 1
Windows Server 2012 1 4 1
Windows Server 2012 R2 1 4 1
Windows 8.1 3 3
Windows RT 8.1 3 1
Windows Server Core 1 3

The bulletins for Office are rated Important.

Microsoft says that five of the bulletins for Windows will definitely require a restart; the other bulletins may require one, depending on your system’s configuration.

As always, this information is subject to change between now and the actual release of the bulletins on Tuesday.  If there are significant changes, I will post a note here once the actual updates are available.


Microsoft Patch Tuesday Preview, October 2013

October 3, 2013

Today, in keeping with its usual schedule,  Microsoft released the Security Bulletin Advanced Notification for October 2013, previewing the security bulletins and associated patches it intends to release on Tuesday, October 8, 2013.   This month there are eight bulletins in all; four of these have a maximum security rating of Critical; the others are rated Important.  Four of the bulletins affect Windows and its components.  Three bulletins affect Microsoft Office (including Office for Mac); one of these also affects Microsoft’s SharePoint server.  A final bulletin affects Microsoft’s Silverlight.   More details on specific versions are given in the Advanced Notification.

All supported desktop versions of Windows have at least one Critical bulletin.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 4
Windows Vista 4
Windows Server 2003 3 1
Windows Server 2008 3 1
Windows 7 4
Windows Server 2008 R2 3 1
Windows 8 4
Windows RT 2 1
Windows Server 2012 3 1
Windows Server 2012 R2 1
Windows 8.1 1
Windows RT 8.1 1
Windows Server Core 3

The bulletins for Office and Slverlight are rated Important.

Microsoft says that three of the bulletins will definitely require a restart, and the other bulletins may require one, depending on your system’s configuration.

As always, this information is subject to change between now and the actual release of the bulletins on Tuesday.  If there are significant changes, I will post a note here once the actual updates are available.


Microsoft Patch Tuesday Preview, September 2013

September 5, 2013

Today, in keeping with its usual schedule,  Microsoft released the Security Bulletin Advanced Notification for September 2013, previewing the security bulletins and associated patches it intends to release on Tuesday, September 10, 2013.   This month there are fourteen bulletins in all; four of these have a maximum security rating of Critical; the other ten are rated Important.  Seven of the bulletins affect Windows and its components.  Seven bulletins affect Microsoft Office (including Office for Mac); one of these also affects Microsoft’s SharePoint server.  More details on specific versions are given in the Advanced Notification.

All supported desktop versions of Windows have at least one Critical bulletin.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 2 3
Windows Vista 1 3
Windows Server 2003 1 3 1
Windows Server 2008 3 1
Windows 7 1 4
Windows Server 2008 R2 4 1
Windows 8 1 3
Windows RT 1 2
Windows Server 2012 3 1
Windows Server Core 4

Two of the bulletins for Office are rated Critical; the other five are rated Important.

Microsoft says that three of the bulletins will definitely require a restart, and the other bulletins may require one, depending on your system’s configuration.

As always, this information is subject to change between now and the actual release of the bulletins on Tuesday.  I will post a note here once the actual updates are available.


Microsoft Patch Tuesday Preview, July 2013

July 4, 2013

In keeping with its usual schedule, despite the Independence Day holiday here, Microsoft today released the Security Bulletin Advanced Notification for July 2013, previewing the security bulletins and associated patches it intends to release next Tuesday, July 9, 2013.   This month there are seven bulletins in all; six of these have a maximum security rating of Critical; the other is rated Important.  Five of the bulletins affect Windows and its components; a sixth affects Windows as well as some other software (Office, Lync, Silverlight).

All supported versions of Windows have several Critical bulletins.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 6
Windows Vista 6
Windows Server 2003 5 1
Windows Server 2008 5 1
Windows 7 6
Windows Server 2008 R2 5 1
Windows 8 6
Windows RT 5
Windows Server 2012 5 1
Windows Server Core 3

In addition, one of the bulletins affects Microsoft’s Silverlight, and is rated Critical.  Another affects Lync, for which it is rated Critical, as well as Office and Visual Studio, for which it is rated Important.

The remaining bulletin, which is rated Important, applies to Windows Defender.

Microsoft says that two of the Windows bulletins will definitely require a restart, and the other bulletins may require one, depending on your system’s configuration.

As always, this information is subject to change between now and the actual release of the bulletins on Tuesday.  I will post a note here once the actual updates are available.


Microsoft Patch Tuesday, June 2013

June 11, 2013

As expected, Microsoft today released its regular monthly batch of security bulletins and associated patches.  This month there are five bulletins, addressing 22 identified vulnerabilities.   Four of the bulletins are for Windows and its components (including Internet Explorer);  one of these is rated Critical, and the others Important.  All supported desktop versions of Windows are affected by the Critical bulletin. (This month´s preview post has a breakdown of patches by severity and Windows version.)

The remaining bulletin, rated Important, applies to Microsoft Office, specifically Office 2003 and Office for Mac.

Microsoft says that the Windows bulletins will definitely require a system reboot; the Office bulletin may require one, depending on the configuration of your system.

For more detailed information, and download links, please see the Microsoft Security Bulletin Summary for June 2013.

As usual, I recommend applying these patches to your systems as soon as you conveniently can.

Update Tuesday, 11 June, 13:30 EDT

The Internet Storm Center at the SANS Institute has posted its usual monthly summary of Microsoft´s bulletins.


%d bloggers like this: