Microsoft issues record number of security fixes
- By Wyatt Kash
- Jun 12, 2009
Microsoft set a new high — or as some might view it, a new low — this month, when it issued a record number of security fixes for 31 software vulnerabilities in its products on Patch Tuesday, June 9. More than half of the flaws were rated “critical.”
This is the largest number of vulnerabilities that Microsoft has ever addressed at one time since it began routinely issuing scheduled security updates on the second Tuesday of each month.
The previous record was 28, set last December, according to Ben Greenbaum, senior research manager at Symantec Security Response, in published reports.
Among the most significant software updates were patches that corrected eight security holes in various versions of Microsoft’s Internet Explorer Web browser, including IE8. The worst of them leads to random code execution that can permit exploitation.
Microsoft also issued patches to address vulnerabilities in Microsoft Office Word and another set in Microsoft Office Excel, which can allow remote code execution.
“From a vulnerability perspective, we've got a long way to go," said Ed Skoudis, co-founder of Inguardians, a security research and
consulting firm and editor of SANS Institute's weekly security alert newsletter. "With the massive number of Adobe and Apple Safari flaws announced this week, it feels like we are losing ground as our software becomes more brittle with each successive wave of patches.”
A summary of Microsoft’s June Security Bulletin updates is available here.
Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.