Microsoft published its Patch Tuesday preview for February of 2012. IT admins can expect nine bulletins to address 21 security vulnerabilities. It looks like four bulletins will be rated critical while the rest are designated as important. Affected Microsoft products are: –Windows –Internet Explorer –.NET Framework –Silverlight –Office –Server Software Wolfgang Kandek, CTO of Qualys, offered me his assessment in an email: “As expected we are getting a larger batch of nine bulletins addressing a total of 21 vulnerabilities. Four bulletins are classified as “critical” and the remaining as “important”. There is the expected critical update to Internet Explorer which should be highest priority. After all, we saw last month how quickly attackers are incorporating browser based attacks into their toolkits; an exploit for MS12-004 was detected a mere 15 days after Patch Tuesday. “There are also two critical fixes for WIndows itself, plus one for the .NET framework that should be prioritized. In the “important” category, there are three Remote Code Execution vulnerabilities, one of them in Office. Most likely we are looking at file based attacks and at least the Office vulnerability should be included in your first tier of patching.” And now you know… Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe