Many Updates on Patch Tuesday

Just as announced Friday last week, Microsoft released 17 security bulletins and according updates, fixing overall more than 60 security vulnerabilities in Windows, Internet Explorer, Office and the Developer tools. According to the exploitability index of the security bulletin summary, 44 of the 64 security vulnerabilities got the assessment 1, which means that exploitation of the vulnerability by cyber criminals is very likely to happen soon.

Some interesting updates affect the Windows Kernel in which many null-pointer dereferences and so-called use-after-free errors have been fixed; proper pointer usage seems to be not just complicated for beginners. Also the 64-bit Windows Kernel Patch Protection gets updated to ensure no unsigned drivers can be loaded and used. The Internet Explorer update is accompanied by another round of new ActiveX killbits which disable these installable and often insecure IE extensions.

As the patches fix critical security issues of which even Microsoft think they get abused soon, users and administrators should hurry up to install them as soon as possible!

Dirk Knop
Technical Editor