Microsoft Planning Six April Bulletins; Four Critical

April 2012: Microsoft Bulletin Table

You should expect April’s Microsoft Patch Day to match last month in quantity, but exceed it in severity.

According to their advanced notification post for April, Microsoft plans to release six security bulletins next Tuesday, fixing eleven flaws that span Windows, Internet Explorer (IE), Office, SQL Server, and many other Microsoft products. Microsoft rates four of these bulletins as Critical, making it a relatively important Patch Day.

I suspect the IE bulletin will likely pose the most risk to typical organizations. It will likely fix at least one remote code execution vulnerability, which an attacker could exploit by luring you to a malicious website. That said, “Bulletin 4″ also looks quite interesting, since it affects so many different products. In any case, I recommend you prepare your staff for a busy day of testing and patching next Tuesday.

Return here on April 10 for more details on these upcoming bulletins.

[UPDATE] On Friday, Adobe released a pre-notification alert for their patch day, which falls on the same Tuesday as Microsoft Patch Day. You should also expect Adobe Reader and Acrobat updates next week. — Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

Trackbacks/Pingbacks

  1. WatchGuard Security Week in Review: Episode 12 | WatchGuard Security Center - April 6, 2012

    [...] Microsoft Patch Day notification – WatchGuard Security Center [...]

  2. WatchGuard Security Week in Review: Episode 12 by Corey Nachreiner « microreksa - April 8, 2012

    [...] Microsoft Patch Day notification – WatchGuard Security Center [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 7,620 other followers

%d bloggers like this: