Microsoft Patch Tuesday: Expect 7 Bulletins, 4 Critical - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications

Microsoft Patch Tuesday: Expect 7 Bulletins, 4 Critical

Microsoft is planning to patch vulnerabilities in Windows Vista, Internet Explorer and Office in next week's Patch Tuesday release.

Microsoft plans to release seven security bulletins next week, including patches for critical bugs in Windows, Internet Explorer and Office.

Four of the bulletins address critical vulnerabilities, which is Microsoft's highest security threat classification. The other three, according to an online advisory, are rated important, which is the second-highest rating. While Microsoft said in its Security Bulletin Advance Notification that there will be seven bulletins, there's no word on how many actual vulnerabilities will be fixed.

This month's Patch Tuesday comes on Oct. 9.

Three of the bulletins address flaws in Windows Vista " two of them are critical.

The online advisory also noted that the four critical bulletins all address remote execution problems. The critical bulletins cover flaws in Office, Windows, the Internet Explorer browser, Outlook Express, and Windows Mail.

One important bulletin deals with a denial-of-service problem in Windows, while another one addresses a Windows flaw that enables spoofing. The third important bulletin handles an elevation of privileges bug in Windows and Office.

This month's patch release will come after Microsoft only released four security bulletins in September. That batch of bulletins included one critical and three that were rated important. The critical bug involved a remote code execution vulnerability based in the way the Microsoft Agent handles certain specially crafted URLs, affecting Microsoft Windows 2000 Service Pack 4.

The September patch release was a big swing from the August release, which was the second largest release for the year. August saw nine security bulletins covering 14 vulnerabilities. The batch patched vulnerabilities affected anyone using Windows, according to Amol Sarwate, manager of the Vulnerability Research Lab at Qualys.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
News
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
Slideshows
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Slideshows
Flash Poll