This month, there are seven bulletins, of which five are critical and two are important. Fortunately, none are currently under active attack, so that should set IT’s mind at ease as they begin to apply this set of patches.
Since 2012 is coming to an end, Paul Henry, security and forensic analyst, Lumension pulled together a quick look at the numbers year-over-year. In 2011, Microsoft had 100 bulletins for the calendar year, of which 34 were critical, 63 important and three moderate. In 2012, they reduced the number of bulletins by close to 20 percent, coming in at 83 bulletins for the year, of which 35 were critical, 46 important and two moderate. According to Henry, it’s great to see that Microsoft’s Secure Coding Initiative is paying off, reducing the number of vulnerabilities in their software, resulting in an easier time for IT at Patch Tuesday time.
Another trend that’s interesting to note is Microsoft’s consistency. When you look at the numbers in-depth, you can see that in 2011, there was a bit of yo-yo’ing going on with Patch Tuesday. For example, in January, there were two bulletins, while February had 12. March then went back down to three, but April went up to 17, while May went down to two and June back up to 16. IT might have felt like they had whiplash by the end of the year! In contrast, January of this year had seven, slight increase to nine in February, then six in both March and April, and seven in both May and June. In fact, only one month – September, at three – was lower than six or higher than nine. The degree of consistency makes it easier for IT to plan out the time and effort they’ll need to spend on Patch Tuesday each month.
Making sure your organization's website is safe, secure and running without any malicious activity under the radar is a major concern today. ... More >>
Chances are that you or someone you know has had an account hacked. Here are steps you can take to help keep your accounts from being breached again. ... More >>
Unveiling new technologies designed to help reduce cyber threats and protect against devastating attacks that can cripple a company or wipe out a consumer’s bank account. ... More >>