[i]Microsoft is planning to release at least eleven security fixes next Tuesday… Four critical patches planned in monthly update.[/i]
The company released the advance notification information for the upcoming October ‘Patch Tuesday’ security update. The update will contain four bulletins rated as critical, six rated as important, and one rated as a moderate risk. The company has in the past added or removed bulletins in between the advance notification and the update release, however. The four critical bulletins include fixes for Windows, Internet Explorer, Excel and the Microsoft Host Integration Server. All four bulletins address flaws which, if exploited, could allow an attacker to remotely execute code on a targeted system.
Each of the six important bulletins address flaws in the Windows operating system. If exploited, three of those flaws could allow for remote code execution, while the other three could allow an attacker to obtain elevated privileges on a system.
The lone ‘moderate’ bulletin addresses a security issue in Office XP which could potentially lead to information disclosure. Other versions of the Office suite are not listed as vulnerable to the flaw.
Microsoft plans to release the October security update next Tuesday, October 14th. The updates are typically posted to the company’s update services by early afternoon US Pacific time.