“I have a Windows computer. Is it really necessary that I apply all Microsoft updates?”
This is typically the question many people find themselves asking when they see that little yellow shield in the bottom right corner of their screen. The answer to this question is “Yes!” Many people have a tendency to ignore or procrastinate on these updates, but for your security and your company’s, this should be done as soon as a Microsoft update is available.
Microsoft fixed 19 vulnerabilities in “November’s Patch Tuesday update day” (November 13, 2012). This patch affected Internet Explorer 9 and all versions from supported Windows Operating Systems, including Windows 8. Microsoft released six bulletins, four of which have been rated critical, according to the Patch Tuesday notification advisory.
Microsoft said the update for Internet Explorer and all versions of the Windows operating system were the most urgent.
Paul Henry, security and forensic analyst at Lumension, said “The three remote code execution vulnerabilities in in Windows kernel-mode drivers are related to the malformed font issues. Microsoft has been dealing with this for a while.”
A user on an unpatched system could be compromised by visiting a malicious page using specially-crafted TrueType font files.
76 patches have now been released by Microsoft in 2012.