Microsoft is set to release a record Patch Tuesday monthly
security update for its software today, with 13 patches aimed at
fixing 34 vulnerabilities.
The previous record of 12 security patches in a month was set in
February 2007 and matched again in October 2008.
In the
advance bulletin for October, Microsoft gave eight of the 13
patches the highest severity ranking of "critical" because they fix
bugs that could allow hackers to launch malicious attacks
remotely.
The critical patches deal with vulnerabilities in Windows,
Office Internet Explorer, Silverlight, SQL Server, Forefront and
some developer tools.
The remaining five patches for the Windows operating system have
all been given Microsoft's second highest ranking of
"important".
Two of the patches cover zero-day vulnerabilities in the Server
Message Block (SMB2) network file sharing protocol and an actively
exploited flaw in the FTP service.
The SMB vulnerability, which affects Windows 7, Vista, XP,
Server 2003 and Server 2008, occurs in the way that version 2 of
the protocol parses SMB requests.
The updates are likely to keep many corporate IT administrators
busy in the coming days as six updates require a system restart and
the rest may require a restart.