Microsoft
Microsoft has released 12 bulletins for February 2013 with 5 listed as critical (see the note below about MS13-010) and the remaining 7 listed as important. It’s important to note that ALL of the ones listed as critical can allow remote code execution (an attacker can install programs on your computer without your knowledge or permission). Additional details are available from Microsoft here.
MS13-010 is getting it’s own special mention here. If you’re running Windows, you’re affected. This vulnerability affects IE6, IE7, IE8, IE9 and IE10 on all supported platforms. I’ll forego the normal warnings about using IE (don’t use IE, I just can’t help myself) but this vulnerability is reportedly being actively exploited in the wild.
Adobe
As of the time of this article, Adobe has released 3 updates affecting Shockwave (do you have Shockwave installed? Why? Remove it) and Flash player. Additional details are available from Adobe here.
Java
Ok, Java. If you don’t need it, remove it or at least disable it. If you do need it, check daily (or hourly) to make sure that you have the latest version. Java downloads are available here.
In related news, it’s rumored / speculated / hypothesized that a Java exploit was used to breach the Mac computers of Twitter employees. Details are sketchy and the only really credible info that I could find was on sites that I’m just not going to link to here (Google is your friend).
Misc
For those that haven’t heard, we’ve teamed up with WYXC Radio and Web Magic to do Tech Talk, a weekly radio show on WYXC AM1270 each Wednesday morning from 9:00am until 10:00am. We’ll be discussing the latest in technology and will likely spend a little time on Patch Tuesday this week. If you’ve got something specific you’d like to hear or have a question, don’t hesitate to call in. You can listen to the show on the radio or stream directly from the site.
Monthly Update Clients
* If you are not currently taking advantage of our monthly update service and would like more information or to sign up, additional information is available here
For our Monthly Update clients, if a date and time hasn’t already been scheduled to install your updates, we will be contacting you shortly to schedule. If you aren’t already taking advantage of our monthly update service, there’s no time like the present to get started. We offer a monthly update service to keep all of your computers up-to-date for a low monthly fixed price with no long-term committment. Additional information is available on our website.