Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Ever wondered where Update Tuesday bulletins come from, or what it’s like around Microsoft when a serious information-security situation arises? Or wondered who precisely is responsible for getting your monthly bulletin releases out the door?
Update Tuesday, which brings us here today, is one of the most prominent results of that famous Bill Gates memo that put security at the center of Microsoft’s development and support efforts -- just over 10 years ago. We Trustworthy Computing folk tend to look more to the future than to the past, but on the 10-year anniversary a few of us sat down to talk about incident response, the security ecosystem, and how Microsoft collaborates with the industry:
Meanwhile, as I previously mentioned in the Advance Notification Service blog post on Thursday, today we are releasing nine security bulletins. Four of those are rated Critical in severity, with the remaining five classified as Important.
The bulletins will address 21 vulnerabilities in Microsoft products. Customers should plan to install all of these updates as soon as possible. For those who must prioritize deployment, we recommend focusing first on two critical updates:
In this video, Yunsun Wee discusses this month's bulletins in further detail.
Below is this month’s deployment priority guidance, to further assist customers in their deployment planning (click for larger view).
Our risk and impact graph shows an aggregate view of February’s severity and exploitability index (click for larger view).
You can find more information about this month's security updates on the Microsoft Security Bulletin Summary web page.
As usual, our colleagues in SRD have prepared blog posts that delve more deeply into technical aspects of this month’s releases. In addition to a chart delving into this month’s deployment priorities, SRD unpacks the details of MS12-013 and takes a longer look at MS12-014, which touches Indeo – a multimedia codec predating no small percentage of the people reading this sentence.
Per our usual process we’ll offer the monthly technical webcast on Wednesday, hosted by Pete Voss and Jonathan Ness. They’ll talk over the February bulletins, discuss changes on the horizon for Technet, and answer some questions we’ve been receiving about the support lifecycle for Vista. The webcast is scheduled for tomorrow, February 15, 2012, at 11 A.M. PST. Click here to register, and as always we look forward to taking your questions live during the webcast.
Thanks, Angela Gunn Trustworthy Computing.