News

Microsoft to Release 5 Non-Critical Bulletins Tuesday

Microsoft's Security Response Center is working on five non-critical security bulletins for release next Tuesday, the company said late Thursday as part of its newly public Security Bulletin Advance Notification program.

The most severe flaws in next week's "Patch Tuesday" batch will address "important" security problems, and some of the security updates may require a restart. Microsoft uses the "important" rating for vulnerabilities that could result in compromise of the confidentiality, integrity or availability of users data or of the integrity or availability of processing resources.

Microsoft's advance warning doesn't mention which platforms may be affected by the bulletins.

Microsoft has one highly public outstanding issue involving Microsoft WINS that company officials have confirmed they are working on fixing. In late November, security experts warned users to lock down unused ports after an exploit surfaced for an unpatched flaw in WINS.

The company issued a rare out-of-cycle patch on Dec. 1 for an even higher profile issue -- the critical Internet Explorer flaw that was being exploited through compromised Web banner servers. Normally Microsoft only releases patches on the second Tuesday of each month. The cumulative patch for IE was only the fourth time Microsoft has broken out of that schedule since switching to the monthly schedule in late 2003.

Taking Signups for New Notification Service

Also on Thursday, Microsoft began taking signups for what it calls the Microsoft Security Notification Service: Comprehensive Version. The e-mail service consists of e-mail notification of the advance notification of upcoming security bulletins and notifications of minor changes to previously released bulletins.

Click here to view the advance security notification for December and to find the link to sign up for the new notification service.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.