Microsoft today released a baker’s dozen of software updates to fix twice as many vulnerabilities in its various Windows operating systems and other software. Translation: If you use any supported version of Windows, it’s time once again to update your PC.
Five of the 13 update bundles Redmond issued today earned a rating of “critical,” meaning Microsoft considers these flaws so serious that attackers could exploit them to seize control over vulnerable systems just by getting users to visit a hacked or malicious Web site.
Seven of the most serious bugs are addressed by two patches for Microsoft Office software. Critical flaws in Microsoft Paint, Microsoft Directshow, and a critical ActiveX (Internet Explorer) vulnerability round out the most recognizable of the serious flaws.
According to Microsoft, the most dangerous of the flaws — that is, those that computer crooks are most likely to try and succeed at exploiting soon, include:
-A critical vulnerability in the “server message block” or SMB service — which handles Windows networking (curiously, this is rated critical on all supported Windows versions except Windows Vista and Server 2008);
-A nasty bug in the Windows Shell Hander, the component that allows preview thumbnails to Windows Explorer (affects only Windows 2000, XP and Server 2003);
-The ActiveX/IE and Directshow flaws I mentioned above.
If you encounter any issues or serious problems after installing any or all of these updates, please drop a line in the comments below. Generally, serious problems with Windows patches are rare, and occur mainly in business systems with custom software. Usually, it becomes clear very soon after Patch Tuesday if there are any problems with consumer systems. Just try not to let too much time pass by before applying all of the relevant updates to your machine.
Windows Vista and Windows 7 users can check for updates by clicking “Start,” typing “Windows Update” and selecting the resulting option. Windows XP and W2k users will need to visit the Windows Update Web site with Internet Explorer. Alternatively, Windows users with Automatic Update enabled will likely receive a prompt within the next 12-24 hours to install this month’s round of patches.