Microsoft’s Mega Patch Tuesday

Microsoft is gearing up for the release of its largest number of security updates and patches on this Patch Tuesday which will rival the previous highs of 12 security bulletins (February 2007 and October 2008). This release cycle will have 13 and also has eight bulletins that fall into the “critical” category which affects all versions of Windows, including the yet-to-be-released Windows 7. Affected software includes SQL Server, Microsoft Office, Internet Explorer, several important tools used by developers and the enterprise-grade Forefront Security client software.

What does this mean for owners of small and medium businesses? For one, the Server Message Block (SMB) and IIS vulnerabilities have been fixed and this is critical for owners of Small Business Servers where file sharing and web services are on by default and almost automatic. The SQL Server update will affect small businesses who use it as the back-end for websites.

Another important factor is that these updates and patches will undoubtedly require a reboot and for a company with the one server that has everything on it, that may mean some down time. More critical is that these reboots may affect IP address distribution if the patch resets your network from say a fixed IP environment to DHCP without warning. That could lead to IP address conflicts.

So expect a busy month ahead as IT admins scramble to test and deploy this monster patch release.

Happy computing everyone.