Microsoft is to patch 34 vulnerabilities in 14 security bulletins to be issued in its August Patch Tuesday security update according to an advance notice, equalling the record set in October 2009 and repeated in June 2010.
The latest bumper security update on 10 August comes just a week after Microsoft released an emergency update to patch a recently reported vulnerability in the way the operating system creates desktop shortcuts.
Including the emergency update, IT administrators will have to deal with nine bulletins with a critical rating, affecting all versions of the Windows operating system, Internet Explorer and Microsoft Office, said Wolfgang Kandek, chief technology officer at security firm Qualys.
Windows 7 and 2008 R2 have a smaller number of critical vulnerabilities than Windows XP and 2003 because of their improved security architecture, but are still affected by two critical vulnerabilities each, he said.
Internet Explorer, Office and Silverlight updates apply across the board on all Windows versions.
These are all examples of increasingly popular trend of attackers and malware going through the installed applications rather than through the core operating system, said Kandek.
Windows XP SP2 users do not have any patches supplied to them, even though the five critical vulnerabilities for XP SP3 most likely apply to their discontinued version of the operating system as well, he said.
"Windows XP SP2 users should upgrade to SP3 as quickly as possible," said Kandek.