Skip Links

Microsoft: 16 security patches coming Tuesday, 4 critical for Windows 7

Patches for Windows Server 2008 R2, Internet Explorer 8 and Office apps are on the list, too.

By Microsoft Subnet on Thu, 10/07/10 - 1:54pm.

The next Patch Tuesday will be huge. Microsoft expects to push out 16 patches total that address a whopping 49 holes all over the place, including Windows 7 and Windows Server 2008.

Overall, four of the patches are rated critical, 10 are rated Important and two rated moderate. Most patches will require a restart.

Windows 7 will get all four of those critical patches, though one of them is really to fix Internet Explorer 8. Windows Server 2008 R2 is scheduled to have two critical patches. Microsoft Office and SharePoint will each get a few patches, all rated important.

Microsoft doesn't give a lot of details in its advance notification about what flaws it will be fixing -- just general information as to how many, how severe, which software products are affected and if they will require a reboot or not. But here's a link to the summary document anyway.

REVISED: Security analysts are already talking up the October "Halloween" Patch Tuesday as one of the scariest on record. I just got an e-mailed statement from Paul Henry, security analyst for patch management vendor Lumension. He said, "One of the largest patch loads we’ve seen this year is coming on the heels of recommendations from Microsoft around out-of-band patches, as well as Adobe’s huge announcement earlier this week encouraging users to quarantine 25 vulnerabilities in Reader and Acrobat. While administrators will have their hands full this week since Microsoft came out with an announcement recommending quarantining machines, it is also important to remember that it is always better to prevent infection than to have to clean it up afterwards."

The fixes also don't always align with the most recent security advisories Microsoft. I asked Henry if he had expectation that Microsoft would be using this giant patch cycle to fix some of the recent outstanding security issues that folks have been hit with. He was skeptical. Microsoft did already issue an out-of-band patch in September for an ASP.Net vulnerability -- that it warned users about. It was rated important.

As usual, I will post a summary of the Patch Tuesday fixes, links to the patches and cover anything above-and-beyond that Microsoft users need to know.

Check out these other posts from Microsoft Subnet

Like RSS? Subscribe to all Microsoft Subnet bloggers.
Like e-mail? Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)
Like Twitter? Follow All Microsoft Subnet bloggers on Twitter @microsoftsubnet

Follow Julie Bort on Twitter @Julie188 or connect with me on my Facebook Like Page

Blog Roll
Microsoft Subnet Home Page
All Microsoft Subnet bloggers
Blake Handler The Road to Know Where
Dmitry's PowerBlog
Doug Brown,DABCC
Ed Bott's Windows Expertise
Joseph Tartakoff Microsoft Blog
Long Zheng istartedsomething
Paul Thurrott's Supersite for Windows
Robert McLaws WindowsNow
Todd Bishop's Microsoft Blog