Time flies! We’re already on the second Tuesday of September, and that means it’s time for the monthly release of security bulletins from Microsoft. I got some insight and commentary from security experts about the latest security bulletins and which ones you should make the highest priority to implement.
It’s Patch Tuesday time again. Today Microsoft released 12 new security bulletins—five of which are rated as Critical. I reached out to security experts to get some insight on the latest batch of security updates and which ones deserve the most immediate attention.
With 12 new security bulletins the total for the year now stands at 105—and there are still three months left in 2015. Microsoft only released 85 security bulletins in 2014 and the 105 for this year is only one short of the total for 2013. The question is why are there so many more security bulletins this year and what is the rise in security bulletins a reflection of?
“The reason for such a significant increase in updates this year could be attributed to a variety of factors such as the launch of Windows 10 and other new Microsoft products but regardless of the reason, the now-restructured team at Trustworthy Computing is definitely staying busy,” declared Russ Ernst, director product management, HEAT Software (formerly Lumension). “And maybe even overwhelmingly so.”
The 12 security bulletins address a total of 56 separate vulnerabilities impacting a wide range of products and applications. The Critical security bulletins alone address issues with Windows Journal, Microsoft Graphics Component, and both Internet Explorer and the new Microsoft Edge browser. Interestingly there are two separate Critical updates that both deal with security flaws in Internet Explorer even though one of the two is a cumulative update.
According to Chris Goettl, product manager with Shavlik, five of the bulletins have vulnerabilities that have been publicly disclosed and one has been detected in exploits in the wild. Goettl stressed that any vulnerability that has been publicly disclosed is something you should pay close attention to, as public disclosure is an indicator of risk. Statistically these vulnerabilities are going to have a much higher chance of being exploited.
See the full story on CSOOnline.com for recommendations about how to prioritize the updates: Security experts weigh in on Microsoft’s Patch Tuesday for September.