Next Tuesday’s 17 security bulletins will address 64 known vulnerabilities across all current Windows versions plus MS Office, Internet Explorer, Visual Studio, the .NET Framework, and GDI+ (current version of the graphics device interface code for C/C++ that handles basic 2-D graphics on-screen). Nine of those 17 bulletins are rated as “critical,” which is Microsoft’s most dire security label for updates.
Check out this partial screencap from the Microsoft Security Bulletin Advance Notification for April 2011, just released yesterday (4/7/2011).
As is usual for advance notifications, the details are not yet exactly clear, nor will they be clarified until Patch Tuesday arrives and the actual April 12 Security Bulletin is released. It seems pretty clear that IT admins should prepare some lab time, so they can start assessing the impact of rollouts on their production environments. With nine critical updates in this mix, it’s a sure bet that some or all of those items will be on their “must-handle” lists at around 11 AM PDT Tuesday, when MS traditionally releases its bulletin and pushes the updates into the Windows Update environment.