News

Three Critical Patches on Tap for Tuesday

The Microsoft Security Response Center (MSRC) plans to publish six security bulletins next Tuesday, according to Thursday's advance notification.

The Microsoft Security Response Center (MSRC) plans to publish six security bulletins next Tuesday, according to Thursday's advance notification.

Three of the six updates will address "Critical" issues. The remaining three are expected to be of "Important" and "Moderate" severity, Microsoft said.

Redmond's advance notification lumped the bulletins into several groups. At this point, the three Critical bulletins will affect one or more versions of Office and Excel, one or more versions of Windows, and one or more iterations of the .NET Framework. All three critical bulletins are linked with potential remote code execution (RCE) exploits.

The Important vulnerabilities will affect Office and Excel versions 2003 and 2007 (as well as Microsoft Publisher 2007) along with Windows XP Professional. Both Important vulnerabilities are also linked to potential RCE exploits. The sole Moderate vulnerability involves a potential information disclosure exploit in Windows Vista. As of press time, Microsoft had not provided any additional information about this flaw.

At least four of next week’s updates will require system restarts.

Redmond's Patch Tuesday activities don't stop with these vulnerabilities, either. Microsoft announced plans to deliver four non-security, high-priority updates (via Microsoft Update and Windows Server Update Services) and one non-security, high-priority update via Windows Update and Software Update Services.

As usual, Microsoft is also prepping another version of its Windows Malicious Software Removal Tool.

Thursday's advance notification isn't always the last word in Patch Tuesday deliverables. Earlier this year, for example, Microsoft yanked several promised Windows patches from its Patch Tuesday payload. Redmond typically pulls a patch if it discovers problems during testing, or if it identifies other issues.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.