Microsoft Corp. last week issued 10 security updates that patched a record 31 vulnerabilities -- 18 marked "critical" -- in Windows, Internet Explorer, Excel, Word and other applications.
The bugs are the largest number that Microsoft has patched in a single month since the company began its regular update program in 2003. The previous record of patches for 28 flaws was set last December.
"This is a very broad bunch," said Wolfgang Kandek, chief technology officer at security company Qualys Inc.
"You've got work [to do] everywhere -- servers and workstations, and even Macs if you have them. It's not getting any better. The number of vulnerabilities [Microsoft discloses] continues to grow," he added.
Of the 10 bulletins, six patched some part of the Windows operating system, three patched an application or component in the Office suite, and one fixed several flaws in IE.
Eighteen of the 31 bugs carried Microsoft's most serious label in its four-step ranking, while 11 were tagged as "important," the next-lowest level, and two were judged "moderate."
Andrew Storms, director of security operations at nCircle Network Security Inc., suggested that users first patch the IE bugs.
:source: News source: computerworld.com