Miles Associates LLC

 Slates record-tying 34 patches for Windows, IE, Office and SharePoint

The patches will also quash two bugs that Microsoft acknowledged in February and April.

“I’d actually call this a moderate month,” said Andrew Storms, director of security operations at nCircle Security. “Looking at the criticality of the bulletins, and the fact that the number [of bulletins] is low, it doesn’t look like a huge month to me.”

By the numbers, however, next week’s updates will be huge. Although the 10 updates fall short of the record of 13 — first set in October 2009, then repeated in February 2010 — Microsoft will fix a total of 34 vulnerabilities, the same number as the current record, also set last October.

via networkworld.com.

No surprise that there are a lot of updates (11) and that there is something critical for just about everybody!

Microsoft Security Bulletin Advance Notification issued: April 8, 2010

Microsoft Security Bulletins to be issued: April 13, 2010

This is an advance notification of security bulletins that Microsoft is intending to release on April 13, 2010.

via Microsoft Security Bulletin Advance Notification for April 2010.

These are hilarious.  I thought the best (quoted here) were from Windows.

Euphemism #3
Error message: “Windows has encountered an error and must shut down.”
Translation: Now you’ve done it.

Euphemism #4
Blue Screen of Death (BSoD) message: “Check for viruses on your computer. Remove any newly installed hard drives or hard drive controllers. Check your hard drive to make sure it is properly configured and terminated. Run CHKDSK /F to check for hard drive corruption, and then restart you computer.”
Translation: Oh sh*t.

Euphemism #5
Error message [Windows XP]: “Error copying File or Folder: A system call that should never fail has failed (While copying a file to the desktop).”
Translation: Sometimes the instability of this OS surprises even us.

Euphemism #6
Warning message: “Buffering video stream.”
Translation: Upgrade your slow DSL line, buddy.

Euphemism #8
Error message: “Non-System disk or disk error.”
Translation: If you don’t have a backup, put your head between your legs and kiss your data goodbye.

Euphemism #9
Error message: “Microsoft (MSFT) Word has stopped working.”
Translation: You have stopped working.

via Tech Euphemisms: What Those Error Messages Really Mean.

SharePoint Bible: Your Complete Guide to Microsoft’s Collaboration Software

via SharePoint Bible: Your Complete Guide to Microsoft’s Collaboration Software.

Microsoft today announced it will issue an emergency security update for Internet Explorer IE tomorrow to patch a zero-day vulnerability that has been used to launch drive-by attacks for at least several weeks.

Tuesday’s update will be the second out-of-band update — Microsoft’s term for one outside its normal once-each-month Patch Tuesday — in the last three months.

via http://www.networkworld.com/news/2010/032910-microsoft-to-patch-ie-zero-day.htm

Out of the 13 advisories this month, administrators are advised to patch MS10-006, MS10-009, MS10-013, MS10-015, and MS09-012 immediately. Machines with Microsoft Office installed should also be patched for MS10-003 and MS10-004 as soon as possible. The remainder of the patches should be applied after environment testing, or to environments that have the specifically affected software deployed.

As always, eEye suggests that users roll out Microsoft patches as fast as possible, preferably after testing the impact on internal applications and network continuity.

via eEye Digital Security .

There are several practical workarounds in this bulletin.  Primarily, enable Protected Mode in the Internet zone and make sure to move any questionable sites out of the Trusted zone.

via Microsoft Security Advisory 980088: Vulnerability in Internet Explorer Could Allow Information Disclosure.