Well, Patch Tuesday rolls around again, and it’s a truly frenetic month for Microsoft patches & updates!
- 14 bulletins
- 34 vulnerabilities
- Numerous reboots!
And yes, it’s a pain, but with eight of those patches rated critical you really can’t afford to ignore this lot.
The Microsoft Update process will automatically determine if you have software installed that requires any or all of the patches, so there’s no need you to agonise over which to apply and which to ignore.
Readers who want to know more can get detailed information on this month’s patches and updates by clicking here.
Background
On the second Tuesday of each month Microsoft releases software patches & updates for their various products, so this is a very important day for all Windows users who care about their privacy and security [full summary here].
Why? Well..
Often a Microsoft patch or update will close a vulnerability that, if left un-addressed, could allow an attacker to take complete control of your computer.
And that’s something you REALLY don’t want!
Keeping your installation patched up-to-date is so important that, whether or not you have Automatic Updates enabled, at this time of each month it’s still wise to manually double-check that everything that matters has been installed. Don’t be put off by the word “manually” — it’s a quick and easy process.
HERE’S HOW…
- Point your web browser to: http://www.update.microsoft.com
- Click the Custom button.
- Install any high-priority updates that are reported.
But Don’t Stop There!
In the column on the left-hand side of the Microsoft updates page you will see links for:
- Software, Optional (n)
- Hardware, Optional (n)
The number in brackets indicates how many updates of that type are applicable to your computer. If the number is anything other than (0) then click that link and investigate, installing the update if necessary (or if in doubt). Similarly, you may find relevant updates in one of the links under “Select by Product”, so do the same with any of those.
Webcast
Each month, in association with Patch Tuesday, Microsoft presents an online Webcast to address customer questions on the bulletins for that month. Webcasts are usually initially presented on the Wednesday, the day after Patch Tuesday, at 11:00 AM Pacific Time (US & Canada). They are also recorded and available for later viewing. To register for a Webcast or to view Webcasts that have passed, click this link.
By the way, if you’re not in the US/Canadian Pacific Time Zone, SymmTime is a great on-screen world time utility for converting times around the world. It’s free and highly configurable.
Did you know…
Many of the malware threats that you are frequently warned about in the various news and information media, on and off-line, should never be the slightest threat to you.
How come? Well, because…
If you made a habit of applying the patches & updates that are issued by Microsoft every month, you would be IMMUNE from infection by many of the tens of thousands of threats currently circulating on the Internet, with more being churned out by the cyber-grubs on an almost daily basis.
The vast majority of these threats get into your computer by exploiting some known vulnerability in Windows. When one of these vulnerabilities is patched by Microsoft, the threat becomes benign — but only if you have applied the free patch to your version of Windows.
So remember…
You Ignore Patches & Updates at Your Peril!
PS: In some of the related articles below you may encounter instances of “Microsoft recommends updating Internet Explorer to version 8″ and “Microsoft recommends avoiding blah blah blah” and etc. Listen up! You’ll be orders of magnitude safer if you take my advice instead — download the free Firefox browser and give Internet Explorer the flick. IE has been a real security problem for a long time and it’s going to continue to be so well into the future. Firefox is a far better browser in every respect.
Related articles:
- Microsoft releases record number of security patches
- Microsoft Investigating Color Management Bug In Windows 7
- Critical Updates for Windows, Flash Player
- Record Patch Tuesday: Where to Begin
- Record Patch Tuesday yields critical Windows, IE fixes
{ 3 comments… read them below or add one }
Hi Bill… I followed your update manual check but got a different result then what you show on this blog. When I clicked the link you show I got a page that told me to click on start, then program, then Microsoft update. There it doesn’t have the left hand links you talk about on software optional and hardware optional. Just thought you’d like to know this.
On another matter, I just have a questions about email. In the past couple of days I’ve been getting some spam emails using my main email address as a from and to address with bad subject lines. What I’m afraid of is does this mean these emails are being sent to others and to my contacts? I’ve been checking with my IP but so far nobody seems to know anything. Does that mean I’ll have to change my email address? Because that would take months to track all my contacts and subscriptions, etc. Thanks.
@DrDiane:
Diane, I hope I have answered your first question in this follow-up post.
As for your spam/e-mail concerns:
“does this mean these emails are being sent to others and to my contacts?”
Well, possibly but not necessarily. Depends a lot on the spammer, what list you’ve landed on, and other variables that are quite out of your control. This is just the sort of thing we have had to learn to live with. Sure, you can keep changing e-mail addresses, but I assure you that’s going to get very old very quickly. Just protect your “main” e-mail address as much as possible by not using it to subscribe to anything. Use throw-away e-mail addresses for that purpose.
Now please understand that that’s a very simplistic answer to a quite complex and many-faceted problem. If you really want to become spam educated and become a spam eradicator (as far as is possible anyway), I wrote a whole e-book on the topic (titled “Spam Warfare”), but it’s only available as a free bonus to purchasers of the The Hacker’s Nightmare.
If you really want to educate yourself on the topic there are indeed many things you can do. I have dozens of e-mail addresses, many of which I have had for several years, and many I’ve been quite careless with. But I suffer very little from spam and have systems in place that effortlessly manage what little I do get. It’s all explained in detail in “Spam Warfare” *IF* you want to go that far.
Pardon the plug, but my point is that it is a complex topic which I can hardly address adequately in a comment reply.
I hope that helps.
Hi Bill,
GREAT write-up; you just saved me the trouble of having to write my own…!
It’s very well written and very clear. I hope a lot of people read it.
I posted a link to it from my Facebook account and will also link to it from a couple of other places.
Best regards,
Tom Brownsword,
CISSP®, GCIA, Security+, ITIL V3 Foundations
Certified Computer Security Professional
Colorado Springs, CO