Next Tuesday (14th May 2013), at approximately 1pm EST, Microsoft will be releasing its regular swathe of security updates.
And this month it will be particularly well received, as it is anticipated that amongst them will be a proper fix for the critical Internet Explorer 8 flaw that hackers have exploited to spread malware via US government websites such as the Department of Labor.
In a blog post giving advance notification of the “Patch Tuesday” updates, Group Manager of Microsoft Trustworthy Computing Dustin Childs said that the company would issue two Critical and eight Important-class bulletins, addressing a total of 33 unique vulnerabilities.
Most important, of course, are those critial security bulletins which this month address flaws in Microsoft Windows and Internet Explorer.
Microsoft has already released a “Fix it” tool which can act as a temporary band-aid against the Internet Explorer 8 vulnerability, but in all likelihood the vast majority of consumers would be unaware that it existed – let alone considered installing it on their computers.
If Microsoft is successful in releasing a proper fix for the Internet Explorer 8 zero-day flaw then they deserve applause for turning around a working patch so quickly.
As I wrote last week, a proper security patch like the one promised for “Patch Tuesday” is a much better solution than a stop-gap tool to address known attack vectors.
So, if your IT team is busy after Tuesday next week, applying security updates to the computers on your network – cut them a little slack. They’re doing what they can to keep your Windows PC protected against cybercriminals.
And if you’re responsible for maintaining the security of your own PC, make sure that you install the patches as soon as possible. For many users, the most sensible course of action is to tell Windows to install such security patches automatically.