Coming on Patch Tuesday: 3 Windows bulletins, 1 critical

Microsoft today outlined plans to ship three security bulletins for software vulnerabilities in the Windows operating system.

One of the three bulletins will carry a “critical” rating, meaning that it will cover flaws that could be exploited to launch remote code execution attacks.

According to the advance notice from Microsoft, the other two bulletins are rated “important” and can expose Windows users to spoofing attacks.

All three bulletins require a restart after deployment.

All supported versions of Windows will be affected by next Tuesday’s releases, including the newer Windows Vista and Windows Server 2008.

This month’s batch of patches will NOT include a fix for a known — and under attack — code execution vulnerability affecting Microsoft Office. Microsoft has already issued a security advisory on the Office attacks (via rigged Excel files) with some suggested mitigation guidance.

[Source: zdnet]