When Patch Tuesday rolled around last month, we were busy smirking about how running Server Core meant that you could avoid many of the inevitable updates. But that isn’t the case all the time, and this month proves the point.
Tuesday picture from Shutterstock
Microsoft’s pre-announcement of the expected Patch Tuesday content (which will hit, as usual, on Wednesday Australian time) includes many of the usual suspects: every single version of Internet Explorer needs patching, for instance. There’s also a patch for Lync 2013, a platform which is promising further updates in the near future to further enhance its interoperability with Skype.
The seven announced patches are broad enough that even stripped-down Server Core installations, which exclude everything that requires a graphical user interface, will also need patching and rebooting. All the relevant versions (for both 2008 and 2012 versions of Windows Server) are affected by the patch, which fixes a remote code execution vulnerability. That’s a task which will have to be scheduled for minimal disruption.
All that adds up to a potentially complicated month. As Sophos’ Paul Ducklin puts it: “The range and reach of this month’s updates means it would be wise to make sure that you have all your operational ducks in a row before the patches actually come out.”