Qualys Blog

www.qualys.com
wkandek

February 2012 Patch Tuesday Preview

Microsoft published its Patch Tuesday Preview for February of 2012 and as expected we are getting a larger batch of nine bulletins addressing a total of 21 vulnerabilities. Four bulletins are classified as "critical" and the remaining as "important". There is the expected critical update to Internet Explorer which should be highest priority. After all, we saw last month how quickly attackers are incorporating browser based attacks into their toolkits; an exploit for MS12-004 was detected a mere 15 days after Patch Tuesday.

There are also two critical fixes for WIndows itself, plus one for the .NET framework that should be prioritized.

In the "important" category, there are three Remote Code Execution vulnerabilities, one of them in Office. Most likely we are looking at file based attacks and at least the Office vulnerability should be included in your first tier of patching.

Leave a Reply