Yesterday Microsoft issues patches for 49 security holes in Internet Explorer, Windows and other software. This is the largest number of bugs to be squashed in a single Tuesday release.
The 49 fixes were classed as critical, one of the highest security ratings that generally indicates potential ‘rogue takeover’ issues. One of the major issues was a flaw which was fixed allowing code to be run that targeted the common control library.
When we turned on our Windows 7 computer this morning, we didn’t quite find all 49 patches, but we noticed quite a few for our relatively clean install.
Ten of the vulnerabilities lie in Internet Explorer and two of these are also tagged as ‘critical’ fixes. These are related to malicious attacks by simply visiting a website with the code lying in wait. This patch fixes IE V7 and V8 running on both Windows Vista and Windows 7 – which is ironic as they were designed to help stop this particular exploit.
Windows XP also gets a major bug fix with a privilege escalation vulnerability exploited by the Stuxnet worm which many think is created to target Iran’s nuclear program. This worm exploits four previously unpatched Windows vulnerabilities and three of these have been patched yesterday. One still has to be sorted, by Microsoft say a fix is in the works for release at a future date.
KitGuru says: The 49 fixes yesterday break the previous record of 34 in October 2009.