Patch Tuesday brings bevy of critical updates

Microsoft’s April security bulletin includes 11 updates for 25 vulnerabilities, 5 of which are deemed critical and impact popular Windows software.

Microsoft today released its Security Advisory for April, which includes 11 updates to address 25 vulnerabilities. Impacting popular Microsoft products such as Windows, Microsoft Office and Microsoft Exchange, the software maker deemed five updates critical, another five are considered important and one was ranked moderate.Microsoft slates 25-patch Windows update for next weekMicrosoft recommended in a statement that customers give priority to MS10-019, MS10-026 and MS10-027.

"Microsoft recommends that customers deploy all security updates as soon as possible. However, Microsoft's guidance on deployment priority is that customers should consider MS10-019, MS10-026 and MS10-027 as the top priority bulletins for April," the company stated in a press released about the security bulletin.

According to Microsoft, MS10-019 "affects all version of Windows." The company explains that "the issue would allow an attacker to alter signed executable content (PE and CAB files) without invalidating the signature."

MS10-026 is a critical update on Windows 2000, XP, Server 2003 or Server 2008, but does not affect Windows 7, Windows Server 2008 R2 or Itanium devices of Windows Server 2008 and Windows Server 2003, Microsoft says. The vulnerability addressed by this update "could be triggered simply by visiting a Web page hosting a specially crafted AVI file that began streaming when the page loads," Microsoft says.

And MS10-027 addresses a vulnerability that could be exploited by simply visiting a specially crafted Web page, and the update affects only Windows 2000 and Windows XP users.With this raft of updates, Microsoft also asked the customres on platforms nearing end of support to update to the latest service pack or the more recent operating systems to continue to get security updates from the software maker.According to Microsoft, Windows XP Service Pack 2 will no longer be supported after July 13, 2010 and extended support for Windows 2000 will also be retired on that date. And Windows Vista RTM will no longer be supported after this April 13, 2010 bulletin release, while Service Pack 1 will be supported until July 12, 2011.Posted by Denise DubieDo you Tweet? Follow Denise Dubie on Twitter here.

Like this post? Check out these others.

Plus, visit the Microsoft Subnet web site for more news, blogs, podcasts. Subscribe to all Microsoft Subnet bloggers. Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.) All Microsoft Subnet bloggers on Twitter

Follow

 
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Now read: Getting grounded in IoT