Commenting on the April patch from Microsoft, Alan Bentley of Lumension says, “Following a relatively light Patch Tuesday in March, this month’s bulletins will have IT managers back on their feet scrambling to implement the 64 patches, nine of them rated critical. 15 of the 17 bulletins address remote code execution vulnerabilities.
“Most noteworthy of the patches is MS11-018, a critical patch for IE6, IE7 and IE8 on Windows clients. Without the patch, browsers are instantly compromised from the moment a user visits a malicious site.
“The two SMB-related bulletins, MS11-020 and MS11-019 are both geared towards fixing vulnerabilities in SMB Server and SMB Client, both of which could leave servers available for hackers to take control of them.
“While some IT managers may have had their feet up in March, this month’s Patch Tuesday is further evidence that our systems still aren't up to par. Most of these patches will require a full restart meaning organisations will need to schedule time for the updates.”