April’s Patch Tuesday was a complex one, especially for SQL-dependent applications. This hefty Patch Tuesday from Microsoft included 149 updates. While there were no zero-day vulnerabilities, key areas addressed include crypto APIs, networking and remote desktop connections. A major update to the Kerberos security system removes Windows 11 from the affected list, highlighting the importance of staying updated. For developers, 11 updates target the development platform, with 10 focused on SQL ODBC issues and 1 on .NET. While the .NET update can be added to the standard schedule, the ODBC updates require careful examination.
More info onMicrosoft Security updates for April.
This month’s Patch Tuesday from Microsoft was complexThere were no reported zero-day vulnerabilities, but number of updates, particularly those affecting SQL, OLE and ODBC components, underscores the importance of a thorough evaluation. Key areas of focus include file management, cryptography, networking, remote desktop connections and SQL-related functionalities. Given the interconnectedness of these systems, organizations should prioritize testing across their application portfolios to identify potential impacts. The update to the Kerberos security system is noteworthy, as it removes support for certain Windows 11 versions.
More info on Microsoft Security updates for March.
February’s Patch Tuesday from Microsoft was significant with a critical combination of vulnerabilities affecting Microsoft Outlook and Exchange Server, both actively exploited. These updates required immediate patch now. While most updates are rated important and can be added to standard release schedules, pay close attention to the recently exploited Windows SmartScreen vulnerability and update Windows immediately. For developers, core .NET and Visual Studio updates require standard release schedule inclusion. A new SignalR library was introduced for real-time web functionality in ASP.NET.
More info on Microsoft Security updates for February.
