Huge Patch Tuesday - Act now

Filed Under: Microsoft, Vulnerability

This month's Patch Tuesday is enormous. The good news? Few, if any, of these exploits are currently being exploited in the wild. The bad news? If history teaches us anything it is only a matter of time.

Microsoft released 14 patches covering 34 different vulnerabilities. The scary part of this is what I call the "sea of red". The Microsoft Security Response Center publishes some very easy to understand infographics explaining the risk of exploitation and the priority you should assign to testing and deploying the fixes. This month most of the fixes are critical and priority 1.

Microsoft analysis for August 2010 Patch Tuesday

Microsoft's advice is prudent, and I would follow their guidance in applying these fixes. We should be cautious, but with the risk inherent in some of these flaws we need to act quickly.

It is important to note that simply because many of these flaws effect Windows 7, this should not be a condemnation of the OS or Microsoft's Security Development Lifecycle (SDL). Windows 7 may be vulnerable to many issues, but it is without question the most secure Windows ever. Time is running out on long term plans to migrate from Windows XP. Windows 7 is still your best bet for a more secure desktop environment.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.