back to article Sadly, 111 in this story isn't binary. It's decimal. It's the number of security fixes emitted by Microsoft this week

The May edition of Patch Tuesday landed this week. And there are scores of security fixes to install. A total of 111 fixes were released by Microsoft, though on the bright side none are being actively exploited, as far as we know. Sixteen earned Microsoft's top rating of critical, and range from remote code execution to …

  1. Mike 137 Silver badge

    To paraphrase Yoda ...

    "A total of 111 fixes [...] none are being actively exploited ..."

    Now they've been announced, to paraphrase Yoda "they will be ... they will be". So grit your teeth and hope none of the fixes bork your systems.

    1. robidy Silver badge

      Re: To paraphrase Yoda ...

      That MS know of, am sure thete are gutted nationstate hackers out there :)

      2020-1118 needs a mention...it may ONLY be DDOS level but it's client and server based in TLS.

      1. diodesign (Written by Reg staff) Silver badge

        Re: Re: To paraphrase Yoda ...

        Done - thanks for the heads up.

        C.

    2. BGatez Bronze badge

      Re: To paraphrase Yoda ...

      " none are being actively exploited ..." that we know of

  2. analyzer

    Disappointment

    That no one, and I mean no one, took advantage of that being a Nelson. The headlines possible from that.

    Microsoft users sinking under a Nelson of fixes

    A Nelson of fixes broadside Microsoft users

    The possibilities that have been squandered :-(

    1. Charlie Clark Silver badge
      Coat

      Re: Disappointment

      I see no errors!

  3. big_D Silver badge

    Outlook?

    Any news on the two bugs introduced into Office 2016/2019/365 a couple of weeks back that stops search working if local caching is turned on and complains that you don't have rights to "send as..." on joined accounts?

  4. Roland6 Silver badge

    And unsupported versions of Windows

    "One standout programming blunder was CVE-2020-1067, a remote-code execution (RCE) vulnerability in all supported versions of Windows."

    This would suggest the vulnerability is in both 32-bit and 64-bit code and thus has been around sometime; I wonder which is the first version of Windows it occurs in - NT 3.51? - has anyone investigated?

    1. big_D Silver badge

      Re: And unsupported versions of Windows

      As the patches only cover supported versions of windows, they say that all supported versions.

      Usually they affect unsupported versions as well.

  5. Pascal Monett Silver badge
    Stop

    "opening maliciously crafted files"

    Never open a file from someone you don't know until you've checked that they had a reason to send it to you.

    Never open a file from someone who's mail domain is not from the domain they say they work for.

    Never open a file without checking that the extension is legit (a .pdf.exe is a big no-no).

    And never, ever open a file from an email that says some throw-away easy phrase like "Important information enclosed !". It's just another skiddie trying to get you to open malware.

    1. Boris the Cockroach Silver badge
      FAIL

      Re: "opening maliciously crafted files"

      You can hang that sign in front of some user's moniters and the bastards still click OK on a spam email with an attatchment.....

      <<<wondering how you get around the '2 meter' seperation rule in order to nail someone's head to the desk.....

      1. stiine Silver badge
        Thumb Up

        Re: "opening maliciously crafted files"

        I have one in the garage. it a 25kg tempered steel rod 4cm in diameter. That and a large sledge hammer should work just fine, but it might take three people to do it.

  6. Updraft102 Silver badge

    "Sadly, 111 in this story isn't binary. It's decimal. It's the number of security fixes emitted by Microsoft this week"

    Would you rather they had patched only 7 of them?

    1. robidy Silver badge
      Coat

      You must be a barrel of laughs.

      If you mean Windows 7, then yes :)

  7. Lorribot

    Don't ignore Adobe's incompetance

    111 sounds alot but that is in a number of different programes, most of which are quite complex, Adobe managed 36 in two relatively simple applications, but this programming inadquacy seems to have been glossed over by the reporter and should have more scorn aimed at it..

    1. stiine Silver badge

      Re: Don't ignore Adobe's incompetance

      You're correct, that's not actually a lot. Now if you add up all of the bugs in Windows 10 that have been fixed. That's a lot. Its also separate from the 'a lot' of bugs fixed in Server 2012 R2, and separately in Server 2016 and separately in Server 2019.

      I bet Microsoft will still be fixing bugs in Windows when the sun dies.

    2. BGatez Bronze badge

      Re: Don't ignore Adobe's incompetance

      A lovely side effect of subscription software is always being a beta tester

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020