Windows

It's Microsoft Patch Tuesday: January 2010

Justin James gathers the information you need to make the right decision on applying Microsoft's January 2010 patches in your organization.

Happy New Year! Last month, I said that Microsoft had really gone off the rails regarding patching. This month, I take it all back. We have only one patch of note, a security patch for a problem in the font engine in Windows. There were no out-of-band patches, and all other items were minor. That being said, I highly doubt that this is anything more than the January lull; looking back at our Patch Tuesday coverage from January 2009, it looks to be as light as this one is. I certainly hope that February does not look like December did!

This blog post is also available in PDF format in a free TechRepublic download.

Security patches

MS10-001/KB972270 - Low (XP, Vista, W7, 2003, 2008)/Critical (2000): This patch fills a hole in the OpenType font engine. This vulnerability would allow specially crafted fonts embedded in a file (such as an Office file or something opened by Internet Explorer) to allow a remote code execution attack. The executing code has the rights of the currently logged on user, which is presumably why Microsoft gives a lower rating to the newer products. I recommend that you install this patch as soon as you can on your desktops and wait until your next patch cycle for your servers. 437KB - 1.2MB

Other Updates

No significant updates to report this month.

"The Usual Suspects": Updates to the Malicious Software Removal Tool (9.4 - 9.7MB) and Junk Email filters (2.2MB).

Changed, but not significantly:

  • KB971513 - Windows Automation API
  • KB973685 - Update to the XML 4.0 Core Services SP3
  • KB973688 - Update to the XML 4.0 Core Services SP2

Updates since the last Patch Tuesday

There have not been any updates since the last Patch Tuesday.

TechRepublic's Windows Vista and Windows 7 Report newsletter, delivered every Friday, offers tips, news, and scuttlebutt on Vista and Windows 7, including a look at new features in the latest version of the Windows OS. Automatically sign up today!

About

Justin James is the Lead Architect for Conigent.

5 comments
kc7fa
kc7fa

I think this will keep you busy doing your duty and earning your keep and taking home a nice pay check, I always say thanks to Microsoft for creating jobs worldwide.

mattohare
mattohare

I didn't have to restart my Vista system after the patches. I was delighted and surprised.

Mark W. Kaelin
Mark W. Kaelin

While this month's Patch Tuesday is relatively mild, do you think it will last until February's patches?

davidt
davidt

The bad guys have turned good, no more malicious exploits - all is good in the world of connectivity. Alas, I fear February will be brutal.

Jonnyrox
Jonnyrox

The bad guys all have turned good if by good you mean that they have turned their attention to hacking Windows 7 and are now paying less and less attention to XP

Editor's Picks