Microsoft has shipped eight security updates that patched 23 vulnerabilities in Windows, Internet Explorer (IE), .Net Framework, Silverlight and other bits in its portfolio.
Two of the updates are "critical" (Microsoft's most-serious threat ranking), and six were rated "important" (the next-most-severe tag).
The two critical updates -- MS11-081 for IE, and MS11-078 for .Net and Silverlight – have been determined by Microsoft as well as by outside researchers as the pair to apply first.
“One of the eight critical vulnerabilities in the IE update affected just IE9, which shipped last March. Microsoft has patched IE9 before today, but this is the first it's needed to fix a flaw specific to only that edition. The IE9-only vulnerability is in that edition's version of a JavaScript DLL (dynamic link library) used by that browser. As usual, the IE vulnerabilities could be exploited by hackers with a classic "drive-by download" style of attack simply by convincing users to steer for a malicious website.
"Every time you see one of these [IE] updates, you need to patch them immediately," said Jason Miller, of VMware's research and development team.
The second consensus top-pick was the update for .Net -- a Windows-centric software framework -- and Silverlight, a Microsoft application framework for content-intensive websites and online applications.
Like the IE update, MS11-078 can be exploited by attackers who dupe users into visiting a malicious website. Worse, the flaw could be exploited by hackers targeting not just IE users, but Mac owners running a browser with the Silverlight plug-in, or Windows users running the plug-in within Apple's Safari, Google's Chrome or Mozilla's Firefox. "By my reading of the bulletin, it's cross-browser and cross-platform," said Miller.
Microsoft updated its Mac Silverlight plug-in separately, Mac users should immediately download and install the newest version from the Silverlight website.” – Computer World
As you know, .NET updates have been problematic in the past.
All I can say is that on my system (W7 Pro x32), I encountered no problems with all 8 updates. If you’re worried, the update creares a restore point (you can do that yourself before updating) and if anything untoward happens, reboot in “Safe Mode” and return to that restore point.
Source: http://www.computerworld.com/s/article/9220735/Microsoft_patches_critical_IE_Silverlight_drive_by_bugs