| By Susan Bradley |
Every time I see a .NET update, I look for a good excuse not to patch. Unfortunately, this time I’m coming up empty.
The good news: Most of October’s Patch Tuesday updates are relatively minor.
Roll up the sleeves and install .NET updates
This month’s .NET update addresses a vulnerability that’s a greater threat than the risk of any patch-installation issues. While there are no known attacks at this time, I expect attack code to show up within the next 30 days. The risk is to any browser that supports Silverlight — which of course means IE but could also apply to Firefox and Chrome.
The patch is rated critical for all current editions of Windows running versions of .NET Framework 1.0 SP3 and up. (If an application has installed .NET 4, you’ll be offered two .NET 4 updates.)
Unfortunately, as we all know, .NET patches are some of the most troubling updates to install. If you run into problems installing .NET Versions 1 through 3, follow the instructions in MS Support article 923100, which will remove all versions of .NET installed on your system and then reinstall them, one by one. Also review Aaron Stebner’s blog post for additional help.
Many Windows Secrets readers ask whether they even need .NET, given its update issues. It depends on the applications you run — .NET provides a coding platform, and many vendors use it to build and run applications. For example, the recently released QuickBooks 2012 installs .NET 4 as part of its overall installation routine.