NewsMicrosoft's May Security Patch Is Light After Massive Load in April
Microsoft's security update, which is expected on Tuesday, May 10, is relatively light compared to last month's massive patch load.
The one "critical" item will address remote code execution vulnerabilities in Windows Server 2003 and 2008. The important item will be designed to plug an RCE security concern with PowerPoint in Microsoft Office. Office XP, Office 2003 and 2007, and Office 2004 and 2008 are among the affected versions.
"While the light patch load for May will be disruptive, it isn't out of the ordinary. What we do need to worry about is that in light of recent mega-breaches, we are obviously not getting it right when it comes to protecting ourselves," said Paul Henry, security and forensic analyst at Lumension. "People need to reevaluate their security infrastructure and perhaps even their priorities."
IT pros could take advantage of the light load this month by checking out this Microsoft Knowledge Base article. It describes nonsecurity patching being delivered through Microsoft's client update services and Windows Server Update Services.