Microsoft Patch Tuesday: Expect 7 Bulletins, 4 Critical - InformationWeek
Software // Enterprise Applications
04:18 PM

Microsoft Patch Tuesday: Expect 7 Bulletins, 4 Critical

Microsoft is planning to patch vulnerabilities in Windows Vista, Internet Explorer and Office in next week's Patch Tuesday release.

Microsoft plans to release seven security bulletins next week, including patches for critical bugs in Windows, Internet Explorer and Office.

Four of the bulletins address critical vulnerabilities, which is Microsoft's highest security threat classification. The other three, according to an online advisory, are rated important, which is the second-highest rating. While Microsoft said in its Security Bulletin Advance Notification that there will be seven bulletins, there's no word on how many actual vulnerabilities will be fixed.

This month's Patch Tuesday comes on Oct. 9.

Three of the bulletins address flaws in Windows Vista " two of them are critical.

The online advisory also noted that the four critical bulletins all address remote execution problems. The critical bulletins cover flaws in Office, Windows, the Internet Explorer browser, Outlook Express, and Windows Mail.

One important bulletin deals with a denial-of-service problem in Windows, while another one addresses a Windows flaw that enables spoofing. The third important bulletin handles an elevation of privileges bug in Windows and Office.

This month's patch release will come after Microsoft only released four security bulletins in September. That batch of bulletins included one critical and three that were rated important. The critical bug involved a remote code execution vulnerability based in the way the Microsoft Agent handles certain specially crafted URLs, affecting Microsoft Windows 2000 Service Pack 4.

The September patch release was a big swing from the August release, which was the second largest release for the year. August saw nine security bulletins covering 14 vulnerabilities. The batch patched vulnerabilities affected anyone using Windows, according to Amol Sarwate, manager of the Vulnerability Research Lab at Qualys.

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll