Critical Windows Security Bulletins on Tap for Patch Tuesday
Microsoft will release six bulletins next week for Patch Tuesday, including three critical bulletins focused on Windows security.
All totaled, 15 security vulnerabilities will be fixed in this release. Besides the critical Windows bulletins are three others rated "important." Among them is a fourth bulletin impacting Windows. Unlike last month, none affect Windows 7, which was the subsect of several patches last month before it was released. The remaining two bulletins address issues in Microsoft Office.
"Customers should plan a restart for the Windows bulletins," blogged Jerry Bryant, security program manager for Microsoft Security Response Center. "The Office bulletins may not require a restart if the components being updated are not in use."
Earlier this week, Microsoft updated security bulletin MS09-054, which dealt with four vulnerabilities within Internet Explorer. The bulletin was part of a massive release of fixes Microsoft pushed out last month. The update for the bulletin fixed two issues that can affect the proper display of Web pages.
The upcoming bulletins will be released Nov. 10. Sheldon Malm, senior director of security strategy at Rapid7, predicted the most critical issue will be bulletin three, which affects Windows.
see the details on Tuesday, but our sources unanimously suggest that
bulletin three will be the issue that needs to be addressed first this
month," he said. "It has the potential for Remote Code Execution and is
rated Critical on Windows 2000, XP and Server 2003; especially