Patch Tuesday yielded 34 vulnerability patches from Microsoft in Windows, Internet Explorer (IE), Office and other software, 15 of them labeled “critical” by the company.
Of the 16 updates, or bulletins, nine were critical, the most-serious rating in the company’s four-step scoring system, while the remaining seven were tagged “important,” the next-most-dangerous category.
This was the second largest amount of patches issued, with the company offering 64 fixes in April. In addition, the 16 bulletins placed second to the 17 issued in April.
Fifteen of the 34 vulnerabilities were critical, 17 were important, and two were moderate.
Among the deploy-immediately bulletins, MS11-050 offered 11 patches for IE that Microsoft and independent experts pinned to the top of their lists.
Attackers could exploit nine of the 11 bugs in IE using a drive-by attack which requires users to visit a malicious Web site.
MS11-052 also affected IE, although Microsoft labeled it as a Windows update.
Only IE6, IE7 and IE8 can exploit the vulnerability patched in MS11-052, not rival browsers.
MS11-042 updates DFS (distributed file service), which is used by administrators to group shared folders located on different servers, to patch a pair of bugs — one critical the other important, in Windows. Microsoft rated the flaw as critical only on Windows XP and Windows Server 2003.
You can download and installed patches via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.