Microsoft Readying 9 Security Bulletins for February Update

While this month's Patch Tuesday will land on Valentine's Day, Microsoft will be delivering nine not-so-sweet bulletin items -- with four of them being classified as "critical" and five "important."

All four of the critical bulletins will take care of remote code execution flaws for multiple versions of Windows, Microsoft .NET Framework and Microsoft Silverlight. As for the five less-critical items, they will attack both elevation of privilege and remote code execution holes in Windows, Office and Microsoft Server Software.

While the somewhat large number of bulletins this month is not unusual for February's Security Update, what is out of the ordinary is the fact that Microsoft's OS is getting so much attention. "Their advance notification indicated they plan to release nine bulletins, and 21 CVEs next Tuesday," wrote Andrew Storms, director of security operations for nCircle. "This is very consistent with last year's 'valentine delivery' that included 12 bulletins and 22 CVEs. It's surprising that this month's patch affects almost every Windows operating system -- each OS is affected by five of the eight applicable bulletins."

Storms continues by discussing the reason why this is strange that, included with last month's 7-bulletin release, a large majority of issues are coming from newer Windows OS versions. "That's kind of weird because newer OS versions are generally more secure."

As with every Security Update rollout, IT should prioritize the critical items first, but only apply after adequate testing has been completed.

While Microsoft has not issued any detailed information on the bulletin items, a heads-up on what to expect can be found in the company's Security Bulletin Advance Notification.

About the Author

Chris Paoli is the site producer for and


  • Microsoft 365 Business To Get Azure Active Directory Premium P1 Perks

    Subscribers to Microsoft 365 Business (which is being renamed this month to "Microsoft 365 Business Premium") will be getting Azure Active Directory Premium P1 licensing at no additional cost.

  • How To Use .CSV Files with PowerShell, Part 1

    When it comes to bulk administration, few things are handier than .CSV files. In this two-part series, Brien demos his top techniques for working with .CSV files in PowerShell. First up: How to create a .CSV file.

  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.