Seven security patches are to be expected from Microsoft next Tuesday. Several are thought to be critical while one addresses a flaw that is already being exploited.
Windows will get two security patches; Microsoft Office three; and Microsoft Exchange and Microsoft BizTalk one each. These will address at least one 'critical' update per application - the highest level of security patch - Microsoft said on its Security Bulletin Advance Notification website.
One of the flaws that is likely to be addressed is the DNS flaw in Windows Server (2000 and 2003) that has been exploited over past weeks. Microsoft said these attacks had been 'limited'.
The full list of Microsoft security bulletins reads like this:
- Two affecting Windows with the maximum 'critical' severity rating
- Three affecting Microsoft Office with the maximum 'critical' severity rating
- One affecting Microsoft Exchange with the maximum 'critical' severity rating
- One affecting Microsoft Active X control Capicom and Microsoft BizTalk with the maximum 'critical' severity rating
Microsoft will also release one high-priority, non-security update through Windows Update and six other high-priority, non-security updates through Microsoft Update.