PATCH TUESDAY is here once again, the monthly opportunity for Microsoft to plug the holes and vulnerabilities in its systems and feel pleased with itself until someone reports another one and the whole process starts again.
This month there are nine security bulletins, three of which are marked as 'critical', the rest as 'important'. Top of the shop is MS15-009 which plugs no fewer than 41 vulnerabilities in Internet Explorer.
MS15-010 is a fix for six kernel problems in Windows that allow nasties to get in via a payloaded Truetype font. MS15-011 fixes a remote code execution bug that could allow full control of a Windows system.
Of the rest marked 'important', one is specific to server software, two are for Office, and the remaining three are for Windows itself.
Some of the fixes this month are a result of the controversial disclosures from Google's Project Zero, while others relate to yet more problems in Adobe Flash, which saw an out-of-sequence emergency fix earlier in the month and older versions of which have already been blocked by Apple on Mac machines.
Speaking about the vulnerabilities in Flash, Wolfgang Kandek, chief technical officer at Qualys, said: "February Patch Tuesday 2015 comes after a quite turbulent month for information security professionals.
"Not so much Microsoft, but Adobe has been keeping us busy with multiple disclosed zero-day vulnerabilities in the Flash software.
"All of the known issues have been very quickly addressed by Adobe (APSB15-02, 03 and 04), typically in less than a week.
"Still, it is worrisome to see the amount of problems that cyber criminals are able to find in software that we all have installed and use in our daily lives." µ
Now you can watch documentaries about horribly disfigured people whenever you like
Brad to the bone
Being in a minority of one doesn't make you right
WeWork needs a rework