Microsoft is releasing six security bulletins next week as part of Patch Tuesday. Three of the bulletins address Windows security issues Microsoft has rated "critical."
Microsoft will release six bulletins next week for Patch Tuesday, including three critical bulletins focused on Windows security.All
totaled, 15 security vulnerabilities will be fixed in this release.
Besides the critical Windows bulletins are three others rated
"important." Among them is a fourth bulletin impacting Windows. Unlike
last month, none affect Windows 7, which was the subsect of several patches last month before it was released. The remaining two bulletins address issues in Microsoft Office.
"Customers should plan a restart for the Windows bulletins," blogged Jerry Bryant, security program manager for Microsoft Security Response Center. "The Office bulletins may not require a restart if the components being updated are not in use."
Earlier this week, Microsoft updated security bulletin MS09-054, which
dealt with four vulnerabilities within Internet Explorer. The bulletin
was part of a massive release of fixes Microsoft pushed out last month.
The update for the bulletin fixed two issues that can affect the proper display of Web pages.The
upcoming bulletins will be released Nov. 10. Sheldon Malm, senior
director of security strategy at Rapid7, predicted the most critical
issue will be bulletin three, which affects Windows."We'll
see the details on Tuesday, but our sources unanimously suggest that
bulletin three will be the issue that needs to be addressed first this
month," he said. "It has the potential for Remote Code Execution and is
rated Critical on Windows 2000, XP and Server 2003; especially
important on Vista and Server
2008...Customers are advised to take inventory of where Windows versions
are within their environments so they can plan testing and roll out the patch for bulletin three as quickly as possible."