NEWS FROM THE LAB - Monday, October 12, 2009

Patch Tuesday the 13th, Part II Posted by Sean @ 16:08 GMT

Last week, Christine noted that Patch Tuesday the 13th is approaching. In fact, it's tomorrow.

This month's Microsoft Updates include 13 bulletins which fix 34 vulnerabilities. This is going to be a large number of updates.

Advance Notification Bulletin, October 2009
See the Microsoft Security Bulletin for October 2009 for the full details.

And on top of that… it's also time for Adobe's scheduled updates.

If you still happen to Adobe Reader installed, you'll want to apply this update asap as there are targeted exploits being circulated.

Adobe Security Advisory, 10.08.2009
See Adobe's Security bulletins and advisories for additional details.

Now then, one other thought regarding this October's Microsoft Updates…

Last October brought an out-of-cycle patch for Microsoft Windows. Just what did that patch? The Conficker vulnerability.

Because it was out-of-cycle, and because of the approaching holiday season and subsequent staffing issues, numerous organizations failed to readily test and deploy the update. Many of those organization then later had to deal with Conficker infections.

So how about now, which is National Cybersecurity Awareness Month, everyone focus on rapidly deploying these updates so we'll all be ready for whatever might turn up later, eh?

Because as we should all realize by now, the bad guys like to sit on 0-day vulnerabilities waiting for the worst possible timing.

Safe and efficient patching to you.