The Microsoft Patch Tuesday fixes are out and this appears to be one of those months when administrators will need to reschedule some other projects in order to make sure these patches are installed right away. There are five new patches, four of which Microsoft has rated as critical and The SANS Institute is recommending that admins apply the Windows CSRSS patch immediately. There has been exploit code for the CSRSS flaw available online since December, so this one clearly deserves immediate attention. Don’t be surprised to see reports of active attacks against this hole in the next couple of days.
In addition to the monthly fixes, Microsoft also pushed out a hotfix to the MS07-017 ANI cursor flaw patch. That patch was causing problems for some customers using certain applications.