News

Three Critical Patches on Tap for Tuesday

The Microsoft Security Response Center (MSRC) plans to publish six security bulletins next Tuesday, according to Thursday's advance notification.

The Microsoft Security Response Center (MSRC) plans to publish six security bulletins next Tuesday, according to Thursday's advance notification.

Three of the six updates will address "Critical" issues. The remaining three are expected to be of "Important" and "Moderate" severity, Microsoft said.

Redmond's advance notification lumped the bulletins into several groups. At this point, the three Critical bulletins will affect one or more versions of Office and Excel, one or more versions of Windows, and one or more iterations of the .NET Framework. All three critical bulletins are linked with potential remote code execution (RCE) exploits.

The Important vulnerabilities will affect Office and Excel versions 2003 and 2007 (as well as Microsoft Publisher 2007) along with Windows XP Professional. Both Important vulnerabilities are also linked to potential RCE exploits. The sole Moderate vulnerability involves a potential information disclosure exploit in Windows Vista. As of press time, Microsoft had not provided any additional information about this flaw.

At least four of next week’s updates will require system restarts.

Redmond's Patch Tuesday activities don't stop with these vulnerabilities, either. Microsoft announced plans to deliver four non-security, high-priority updates (via Microsoft Update and Windows Server Update Services) and one non-security, high-priority update via Windows Update and Software Update Services.

As usual, Microsoft is also prepping another version of its Windows Malicious Software Removal Tool.

Thursday's advance notification isn't always the last word in Patch Tuesday deliverables. Earlier this year, for example, Microsoft yanked several promised Windows patches from its Patch Tuesday payload. Redmond typically pulls a patch if it discovers problems during testing, or if it identifies other issues.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.

  • Microsoft Brings Copilot AI Into Viva Engage

    Microsoft 365 Copilot in Viva Engage is now generally available, extending Copilot's AI-powered assistant capabilities deeper into the Viva platform.

  • MIT Finds Only 1 in 20 AI Investments Translate into ROI

    Despite pouring billions into generative AI technologies, 95 percent of businesses have yet to see any measurable return on investment.

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

Most   Popular