MS Patch Tuesday heads-up: 7 bulletins, 23 vulnerabilities


Summary: All versions of Microsoft's flagship Windows operating system are affected by this month's releases, including the newest Windows 7 and Windows Server 2008 R2.

TOPICS: Microsoft, Security

Microsoft's May batch of security patches will include fixes for at least 23 serious security vulnerabilities affecting the Windows ecosystem.

According to an advance notice from Microsoft, there will be a total of 7 bulletins addressing 23 security holes in Microsoft Windows, Office, Silverlight, and .NET Framework.

Three of the seven bulletins will be rated critical because of the risk of remote code execution attacks.

All the others will carry an "important" rating and will cover vulnerabilities that can cause code execution or privilege escalation attacks.

All versions of Microsoft's flagship Windows operating system are affected by this month's releases, including the newest Windows 7 and Windows Server 2008 R2.

Windows users will also want to pay special attention to the Microsoft Office updates. Microsoft expects to ship the patches by 1:00 PM Eastern on Tuesday, May 8, 2012.



Talkback

35 comments
  • Please, please, please...

    Can we all just agree that patching vulnerabilities is good, and leave it at that?

    Or is that just too much to hope for?
    msalzberg
    • It's only good

      When Microsoft does it. If anyone else does it, it's a sign that their software is junk.
      Jumpin Jack Flash
    • Clearly not

      Apple's astroturfers like Jack will make sure of that.
      toddbottom3
      • As opposed to Microsoft's astroturfers like you?

        Being you're paid to be here, otherwise you're stealing from any company foolish enough to pay you.
        Jumpin Jack Flash
  • So why not call it a Megapatch, after all there are 23 vulnerabilities

    In Windows. If Apple released a Patch for vulnerabilities, some 10+ years old, MS's PR Firm ZDNet... Who am I kidding once the Microsoft employees see this, it will be voted into Oblivion, even though it's 100% honest.
    Jumpin Jack Flash
    • Who cares?

      Mega, major, minor, tiny? It's irrelevant. What is relevant is the fact vulnerabilities are being patched.
      ye
      • And yet you, and your fellow Microsoft Fanboy/employees

        Will waste no time voting it into oblivion. Which proves my point, say something that offends Microsoft and get voted into oblivion/flagged.
        Jumpin Jack Flash
      • It's not that you say something that offends Microsoft which is leading...

        ...to the down votes. It's that you say stupid things which are getting you the down votes.
        ye
      • No ye the Windows troll.

        It's the fact that Microsoft pays trolls to flood discussion threads, to down rate anyone that says anything negative of the Worst software company ever!
        Jumpin Jack Flash
  • Yep, Apple is OK because Microsoft has patches.

    Anyone else think it's funny that Win having patches somehow makes Apple not patching their vulnerabilities acceptable?

    Rob Berman
    • Considering some of these are more than a decade old

      How is pointing the finger at Apple relevant?
      Jumpin Jack Flash
      • Reverse Logic

        I love your reverse logic, the fact that a bug has existed and been undiscovered for 10 years, despite the fact that the software is being used by about 1 billion people, means that the bug in question is really big and important.....

        Surely the fact that one billion people could use a program for 10 years without the bug being an issue proves that it isn't all that important?
        Doctor Demento
      • Doctor Demento

        About that Billion people thing. It's a bul sh!t number made up by Microsoft. That number includes the 20%, or better, licenses that have been discarded. Microsoft counts licenses that shipped with a computer that were never used, because the OEMs are required to "Pre-Activate" the license. Those sent to large companies are promptly deleted, only to be replaced with the Software Assurance license. So in essence Microsoft counts phantom licenses, as real copies.
        Jumpin Jack Flash
  • some one said "Apple"?

    So how many PC's have been compromised by these vulnerabilities? 600.000? Or is this being patched before it is exploited?
    Snarfiorix
    • Compare numbers a week after patch release;-)

      Seriously you'd have been better off using percentage of installed base than numbers. 600,000 infections for windows isn't that unusual - particularly with the number of unlicensed copies.
      Richard Flude
    • Seriously

      How many Windows malware infections have topped a million? Better than 100 have.
      Jumpin Jack Flash
  • Confused Ole Man ! ! !

    I'm so confused (which is easy for a 77 year old) - - - I missed something - when did the M$ & Redhat wars end and now it's M$ n' Apple..... Ah, would it be so humble there is no place like Win 3.0 !!!!! Seriously, think about your arguments - do you honestly believe that either companies will not take appropriate action(s) with patches as soon as they figure out HOW and WHY the OS needs to be patched??? So many disagreements - - - Sad, indeed!!!
    puppadave
    • Stopped reading at "M$"

      I stopped reading at "M$"
      Qbt
      • So did I Stop reading at "M$"

        I really find it churlish of people to use this term for Microsoft
        Gadsy
    • No need for speculation

      Apple goes through denial first and then might, grudgingly provide patches if it's apparent that the reality distortion field is failing.

      Google apparently has turned quality control over to a lot of guys in basements and pays them a pittance for finding their bugs

      MS has over a billion users, dedicated quality control and updates the planet every month with scheduled patches as well as out of schedule patches if the need is urgent.

      Both Google and Apple are essentially patching systems based on 1980s Unix or its 1990's clone Linux, MS actually wrote their OS ;-)

      Oh and I'm sixty and not confused ;-)
      tonymcs@...