Microsoft must not feel the love leading up to Valentine’s Day; February is often replete with Windows updates.
This Patch Tuesday had just a few critical updates you need to take care of immediately; the rest can wait until you have some spare time.
An urgent update for Internet Explorer
KB 2797052 is one of those all-too-common, critical, across-the-board patches for Internet Explorer. So before you start sending Valentine’s wishes, warn your friends and family that this patch should be a high priority.
This patch affects all supported versions of Windows (including Windows RT) and Internet Explorer (Versions 6 through 10, including IE 10 Release Preview for Win7).
KB 2797052 fixes a newly discovered vulnerability in the Vector Markup Language (VML; Wikipedia info) buffers. VML is often used in recent versions of Office. There are already reports of proof-of-concept attacks using this exploit, so it’s likely there’ll be real threats within the next 30 days.
What to do: Install KB 2797052 (MS13-010) as soon as possible
And a rollup of fixes for Microsoft’s browser
Another in the regular cycle of cumulative IE updates, KB 2792100 patches 13 different vulnerabilities — any one of which could lead to a remote attack on your PC. (The update includes the out-of-cycle patch Microsoft released Jan. 14 in MS13-008.) For a list of affected vulnerabilities, see the Vulnerability Information section in MS13-009. The Acknowledgments section provides an interesting list of who’s reporting these threats.