Microsoft readies monster-sized security patch for Windows users

Graham Cluley
Graham Cluley
@[email protected]

Mud golem. Image from ShutterstockPatch Tuesday is approaching, and for users of Microsoft’s software it’s going to be a monster.

In all, 57 separate security flaws are waiting to be fixed.

Perhaps the biggest concern will be related to the security holes in Internet Explorer.

According to Microsoft, every single version of Internet Explorer – from version 6 to version 10 – needs to be patched, as they are vulnerable to exploitation by drive-by attacks.

Sign up to our free newsletter.
Security news, advice, and tips.

That means that simply visiting a boobytrapped webpage could silently infect your computer with malware – hijacking your PC for a hacker’s own ends.

According to an advisory from the software giant, five of the 12 security updates have been given Microsoft’s highest severity rating of “critical”.

The worry will be, of course, that malicious hackers will examine the patches released by Microsoft and attempt to release exploit code to take advantage of vulnerable computers shortly afterwards.

The longer you take to update the security patches on your computer, the greater potential risk you could find yourself in.

Of course, the worry is even worse for corporations – many of whom are reluctant to automatically roll-out Microsoft security patches until they are confident that they don’t cause conflicts that could increase calls to the internal support department.

So, if you are responsible for the security of your computer – do try to install the patches promptly.

If you work at a firm where there is a team who look after the computers on your behalf, buy them a cup of coffee and show a little more consideration next time you ring up to say that the laser printer has run out of toner again – it can’t be much fun to have to deal with the multitude of security patches that come out every month.

Microsoft’s security patches, alongside more detailed information, are due to be released at 1:00pm EST on Tuesday 12th February. Aside from Internet Explorer, other affected software dealt with by the patch includes Microsoft Windows, Server Software, Office, and .NET Framework.

Mud golem image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.