Patch Tuesday has arrived, bringing with it the monthly crop of Microsoft security patches. September has a total of nine bulletins, fixing a total of 11 vulnerabilities, all but one of which affects Windows, two cover Microsoft Office, and one covers both Windows and Office.
In general for this Patch Tuesday, users of older Microsoft products are worse off. Not only are they covered by more bulletins, they are also subject to more critical security issues, as summarized in the table below.
|OS||Total Number of Bulletins||Critical Bulletins|
|Windows XP SP3||8||3|
|Windows Server 2003||8||2|
|Windows Server 2008||5||2|
|Windows Server 2008 R2||3||0|
For the two Microsoft Office bulletins, it is a similar story. Users of all versions—from Office XP to Office 2007—are affected though only users of Outlook 2002, a component of Office XP, face a critical vulnerability.
Enterprise users of Trend Micro products such as Deep Security and OfficeScan with Intrusion Defense Firewall (IDF) plug-in can use these to protect themselves until Microsoft completes its rollout of this month’s updates. Home users should visit the Windows Update site to download the patches as soon as possible.