Microsoft will release six updates for Windows, four for Office, and one for the .Net Framework. At least one each of the Windows and Office updates will be labeled "critical," Microsoft's highest warning rank.
Microsoft Corp. will release 11 security updates next week, marking the third time in the last five months that it has posted a double-digit number of patches, the company said Thursday.
In the advance notification posted on its Web site, Microsoft said it would release 6 updates for Windows, 4 for Microsoft Office, and 1 for the .Net Framework. At least one each of the Windows and Office updates will be labeled "critical," Microsoft's highest warning rank.
Although the Redmond, Wash.-based developer unveiled only 4 updates last month, it posted 12 in August and another dozen in June. With the 11 expected Tuesday, Oct. 10, Microsoft will have released 66 security bulletins thus far in the year, nearly matching 2002's record 69 updates, but with two months still to go.
Microsoft doesn't disclose the exact components, services, or applications to be patched prior to update delivery, but both Windows and Office have outstanding vulnerabilities that are currently being exploited by attackers. A pair of Internet Explorer flaws may be patched Tuesday, and it's likely that a bug in PowerPoint will also be fixed. Previously, Microsoft promised that one of the browser bugs would be patched in the October batch.
That flaw, which is in a Windows ActiveX control called "WebViewFolderIcon," may be one of those marked critical by Microsoft. An advisory posted Wednesday by California-based vendor eEye Digital Security slapped the same rating on the bugvulnerability because criminals were already using it to plant malware on users' PCs.
October's updates will be available for manual download from the Microsoft Web site on Tuesday at approximately 10 a.m. PDT. Automatic updates to users' computers will begin shortly after that.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.