Since today (July 14) is the second Tuesday of the month, Microsoft is releasing its usual monthly security patches for the Windows operating system and select Microsoft applications. While it is always important to apply these and other security patches as soon as possible, it’s particularly important this month because at least two of the six patches fix vulnerabilities that are being actively exploited.
One of the patches fixes a critical vulnerability in the Microsoft Video ActiveX Control that has often been in the security news in the past week. Nearly 1,000 websites in China are known to be infected with a malicious script that exploits this vulnerability. Fortunately, Trend Micro OfficeScan security software used by K-State is able to detect the code from these infected websites, but that does not mean it can detect all variants of this malware or other methods of exploitation. Thus, it is important that you keep your computer patched and that you exercise caution while browsing the Web.
Your computer should be configured to automatically check for and apply these monthly updates either directly from Microsoft or through a WSUS server on campus. If you are not sure that your computer is configured to automatically get these patches, talk to your IT support person or K-State’s IT Help Desk.