Dark Black Tuesday Coming Up: 17 Microsoft Bulletins

Published: 2011-04-08
Last Updated: 2011-04-08 15:43:30 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Microsoft got big plans for everybody for next Tuesday, and I hope you haven't made any dinner plans because you will be busy patching (or working with your old friends like WSUS to get the patches tested and released).

A total of 17 Bulletins are going to be released according to Microsoft's pre-release. 9 bulletins are rated critical and 8 are rated important. It pretty much affects the usual suspects (Windows, Internet Explorer and Office) as well as some less regular guest starts like Microsoft's developer tools.

The critical patches apply pretty much to all versions of Windows (XP, Vista, Windows 7 and 2008) with one or two exceptions.

[1] http://www.microsoft.com/technet/security/bulletin/ms11-apr.mspx

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

3 comment(s)


The 17 bulletins cover 64 vulnerabilities according to ZDNET. I predict april showers of malware. It sounds like there are already 0-days attacks in the wild for the MHTML vulnerability. (Microsoft Security Advisory 2501696)
Not that the federal government patches immediately but this could be interesting if there is no one to patch systems for a week, two... who knows. I've already been told I "have not been identified as excepted " :(
Anyone else getting a page not found error when clicking on the April 2011 ANS link from the Microsoft RSS feed at http://www.microsoft.com/technet/security/bulletin/RssFeed.aspx?snscomprehensive ?

Diary Archives