It’s patch Tuesday so as we all expected, Microsoft released number of security patches today, total in 7, with 1 critical and the rest in important class that addresses 20 issues in Microsoft Windows, SQL Server, and Office including SharePoint, Lync, and InfoPath. All patches should be installed as soon as possible but for those who must prioritize the deployment, MS12-064 which addresses Office issue need to go first.
Here is the summery of what you expect to see in your Windows Updates later today.
Patches rated as Critical
MS12-064 – Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
Patches rated as Important
MS12-065 – Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
MS12-066 – Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517)
MS12-067 – Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
MS12-068 – Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2724197)
MS12-069 – Vulnerability in Kerberos Could Allow Denial of Service (2743555)
MS12-070 – Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)
As an advanced note, Microsoft has also scheduled another independent security update next Tuesday to address the Minimum Certificate Key Length issue described in Security Advisory 2661254. The new requirement will raise the bar to increase the minimum RSA Key Length to 1024 bits to help customers strengthen their certificates.