While not quite as bad as last month’s 14 security bulletins, April’s Patch Day is bursting with updates. According to their summary, Microsoft released 11 security bulletins, some fixing serious issues. Windows administrators should put their heads down, dive in, and get patching.
By the Numbers:
- all current versions of Windows,
- Internet Explorer (IE),
- SharePoint Server,
- the .NET Framework,
- XML Core Services,
- and Hyper-V.
They rate four bulletins as Critical and the rest as Important.
Patch Day Highlights:
In my opinion, the HTTP.sys vulnerability is the biggest deal this month. While it doesn’t say so directly, this flaw affects all Microsoft’s IIS web servers. Simply by sending a specially crafted web request, an attacker can take over your web server. I would patch all your public Windows-based IIS servers…
View original post 1,326 more words