Patch Tuesday Focuses on OS
Probably everyone who subscribes to Windows Update noticed a large number of “critical security fix” patches in the most recent Patch Tuesday release. The total I noted was around ten, with a few dedicated to the Malicious Software Removal Tool and other unrelated areas. These patches addressed 19 vulnerabilities, of which a whopping fifteen were deemed “critical.”
Some of the fixes were indeed pretty serious, and are already being exploited by those folks who’d love to hijack your machine as the latest member in their worldwide botnet. According to one commentator, “Many people are going to be looking at the WINS (039) anonymous remote code execution attack as a potential worm vector, but they shouldn’t minimize the IIS denial of service attack or Bulletin 038. These vulnerabilities mean that anyone could become infected simply by opening a movie file. Who doesn’t use the Internet these days to watch videos?”
These patches are pretty much no-brainers for home users. If you’re running Windows, you should keep it patched. In my experience, you’re unlikely to download an update that negatively affects your daily activities. If one does, you can always back it out later.
IT pros, however, are in a difficult place. Most corporations and other entities require pre-testing of new patches before they are released to the general user population. This means corporate systems folk will be beavering away, testing each update to make sure it won’t break some application and cause some sort of company-wide outage. With 19 fixes in this latest bundle, many companies will be burning the midnight oil for some time to come. Hopefully the people who have to run the tests will get comp time, or something of reasonable value (i.e. not just a back-slap and an “attaboy”).
Four of the most critical issues are “server-side exploits – IIS 7.0, Workstation, MSMQ and Wins.” That’ll make the testing process even more critical, since a patch-induced failure in any of these areas may take down critical servers, which are a whole lot more important than most desktop machines.