Patch Tuesday - the second and occasionally fourth Tuesday in the month - has become something of a ritual for Windows users as it is the day when Microsoft pushes out all of the big bug fixes for its operating systems.
Yesterday though, things were a little different as for what is thought to be the first time the company has publicly detailed exactly what it is patching.
The Microsoft Security TechCenter has the details of the six patches that are designated as "critical" and seven that are important too.
For example, bug MS16-009 is a flaw in Internet Explorer which could conceivable enable a malicious website to execute remote code on your computer: In other words, install dodgy programs or mess about with your files.
Another bug, MS16-012 could enable remote code to be executed from a rogue PDF file. So perhaps the endless streams of Adobe PDF Reader updates might be worthwhile after all?
Getting your priorities right
The page also contains a full list of any software affected, and a ranked priority list in which Microsoft judges the priority of any of the exploits being executed within 30 days of the security bulletin being published. In other words, this is the company's best guess at which bugs are most likely to cause problems, so that corporate system administrators can deploy the most important updates first.
It's an interesting move for Microsoft to publish the details publicly - though should be welcomed as it means greater transparency in spelling out exactly what the endless Windows updates are actually doing, and for developers and security experts, it could mean that thanks to Microsoft assigning each bug an ID number that there is finally a common language in which to talk about bugs and exploits.
Of course, if you want to make sure your computer is safe from any bugs and exploits, the best thing to do is to make sure you've got all of the latest updates installed.
No comments:
Post a Comment