Microsoft Patch Tuesday Fixes 21 Security Flaws

Dennis Faas's picture

Microsoft says that it will patch more than twenty security problems this Valentine's Day (February 14), coinciding with its regular "Patch Tuesday."

Microsoft will be offering fixes for a wide range of flaws affecting the company's Internet Explorer (IE) web browser, every version of its Windows operating system (OS), as well as Microsoft Office.

The total of 21 fixes will be spread across nine different security bulletins, four of which Microsoft has labeled "critical," which is the company's highest security warning.

The rest of the bulletins are all marked "important," which is the second-highest alert rating.

Theme This Patch Tuesday: Remote Code Execution Repairs

Arguably, the biggest problem being addressed by all these fixes is a "remote code execution" vulnerability in the company's Internet Explorer browser. The weakness could allow a remote hacker to take control of a victim's computer system.

This is the second "Patch Tuesday" in a row that Microsoft has provided fixes for remote code execution flaws, as a patch addressing a similar kind of vulnerability in Windows Media Player was released in January.

There are also "critical" fixes coming to every version of Windows, from Windows XP Service Pack 3 (SP3) all the way up to Windows 7.

The Windows Server 2008 operating system seems to be particularly vulnerable this month, as it is the one addressed by the most security bulletins. (Source: informationweek.com)

This month's patches targeting remote code execution vulnerabilities also include several security bulletins marked "important".

One of the more glaring holes being addressed affects Microsoft Office's Visio Viewer, a program used to design professional-looking diagrams.

Fewer Security Bulletins, Patches Than in February 2011

Although the number of "critical" and "important" bulletins released this month appears to be high, the quantity of patches released by Microsoft for February is actually down from the number released at the same time last year.

Lumension security analyst Paul Henry credits Microsoft's "renewed focus" for the improvement.

"Now if folks would just follow through and patch!" Henry added. (Source: eweek.com)

Rate this article: 
No votes yet