Most people get flowers, chocolates, and cards for Valentine’s Day, but next Tuesday Microsoft IT professionals can expect a big box of patches.
According to their advanced notification post for February, Microsoft will release nine security bulletins next Tuesday, February 14th. The bulletins deliver updates that fix 21 vulnerabilities, spread across Windows, Internet Explorer (IE), Office, and the .NET Framework. Microsoft rates four of the bulletins as Critical, and the rest as Important.
Other than its unfortunate timing for the more romantically inclined IT folks, this month’s Patch Day looks pretty routine. That said, you should still apply the upcoming patches as quickly as you can. Hackers often compare the differences found in Microsoft’s patches to previous versions in order to find vulnerabilities and build exploits for them. For instance, last month we saw attackers exploiting one of Microsoft’s patched flaws within weeks of the patch’s release. This should encourage you to download, test, and deploy these updates as quickly as you can, slamming the “vulnerability window” shut before attackers can climb into your network.