Microsoft announced their February Patch Tuesday Advanced Notification yesterday.  As expected, this patch Tuesday is going to be quite large.  They are planning on releasing 13 security bulletins.

Bulletin breakdown:

  • 11 bulletins apply to the Windows operating system
  • 2 bulletins apply to Office (Office and PowerPoint)
  • 5 bulletins are rated as Critical
  • 7 bulletins are rated as Important
  • 1 bulletin is rated as moderate
  • All operating systems are affected

The sheer number of bulletins may take people by surprise.  In October 2009, Microsoft released the same number of bulletins in a single release.  Comparing this month to October, this month should not be quite as bad for administrators.  All of the bulletins this month affect common applications that can be pushed out with a blanket patching cycle.

In October, the bulletins affected a great magnitude of products.

  • Operating systems
  • .NET
  • Windows Media Player
  • SQL Server
  • Silverlight
  • Visual Studio
  • Visual FoxPro
  • Report Viewer
  • Forefront Client Security

Microsoft will be addressing one security advisory during this patch cycle.  Security Advisory 979682 will expire as one of these bulletins will patch the vulnerability.  Security Advisory 977544 and Security Advisory 980088 will remain active as Microsoft will not be providing patches for these vulnerabilities.  Administrators should review those advisories and put in safeguards where necessary.  Microsoft is stating they have not been made aware of any active exploits on those two vulnerabilities.

In this patch cycle, you should look at patching iTunes as well.  Apple released a new version of Apple iTunes earlier this week.  This version will fix security vulnerabilities in your iPhone.

As with any patch day, you should be on the lookout for any other vendors releasing patches on Tuesday.  It is not uncommon for Mozilla or other companies to release security bulletins.

More to come Tuesday when the bulletin details are released.

- Jason Miller