Add as a preferred source on Google


News

Seven Critical Patches on Tap for Tuesday

All seven updates will address critical issues, Microsoft said. Redmond lumped the bulletins into several groups, two of which affect Windows.

The Microsoft Security Response Center (MSRC) plans to publish seven security bulletins next Tuesday, according to Thursday's advance notification.

All seven updates will address critical issues, Microsoft said. Redmond lumped the bulletins into several groups, two of which affect Windows, three of which affect Office, one of which affects Exchange and a final update which affects Microsoft's CAPICOM and BizTalk Server.

The Windows Critical updates will require a system restart, Microsoft said; the Office updates may require a restart, as well.

As usual, Microsoft provided few clues as to which updates it plans to deliver. Microsoft officials did confirm, however, that next Tuesday's patch haul will include a fix for a DNS vulnerability that affects Windows 2000 Server (all versions) and Windows Server 2003 (all versions).

"We haven't seen any new information around attacks against the issue we discussed in Microsoft Security Advisory 935964," wrote Microsoft's Christopher Budd in a posting on the MSRC blog. "Also, the listing of updates slated for Tuesday does include the update we've been working on for this issue."

Last month, Budd indicated that Microsoft hoped to finish testing the DNS patch in time for Patch Tuesday.

"While we don't have a firm estimate on when we'll complete our development and testing of updates for this issue, we have teams around the world working on it 24 hours a day, and hope to have updates no later than May 8, 2007, for the May monthly bulletin release," he had written on the MSRC blog.

But this is not the full extent of Microsoft's patch plans. The company announced plans to deliver one non-security, high-priority update for Windows (via Windows Update and Software Update Services), as well as six non-security, high-priority updates (via Microsoft Update and Windows Server Update Services). In addition, Redmond plans to release still another version of its Windows Malicious Software Removal Tool.

Thursday's advance notification isn't always the last word in Patch Tuesday deliverables, of course. Earlier this year, for example, Microsoft yanked several promised Windows patches from its Patch Tuesday payload. Redmond typically pulls a patch if it discovers problems during testing, or if it identifies other issues.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Dismantles RedVDS Cybercrime Marketplace Linked to $40M in Phishing Fraud

    In a coordinated action spanning the United States and the United Kingdom, Microsoft’s Digital Crimes Unit (DCU) and international law enforcement collaborators have taken down RedVDS, a subscription based cybercrime platform tied to an estimated $40 million in fraud losses in the U.S. since March 2025.

  • Sound Wave Illustration

    CrowdStrike's Acquisition of SGNL Aims to Strengthen Identity Security

    CrowdStrike signs definitive agreement to purchase SGNL, an identity security specialist, in a deal valued at about $740 million.

  • Microsoft Acquires Osmos, Automating Data Engineering inside Fabric

    In a strategic move to reduce time-consuming manual data preparation, Microsoft has acquired Seattle-based startup Osmos, specializing in agentic AI for data engineering.

  • Linux Foundation Unites Major Tech Firms to Launch Agentic AI Foundation

    The Linux Foundation today announced the creation of a new collaborative initiative — the Agentic AI Foundation (AAIF) — bringing together major AI and cloud players such as Microsoft, OpenAI, Anthropic and other major tech companies.

Most   Popular