On Tuesday, Microsoft is issuing six bulletins addressing seven flaws in Microsoft Windows, Visual Studio, and Expression Design. In addition to the one critical bulletin, Microsoft is issuing four bulletins rated as important and one rated as moderate.
“This month’s bulletins impact the full operating system family and while six bulletins represents a light load of patches, this Tuesday will be disruptive in terms of required reboots”, commented Paul Henry, security and forensic analyst at Lumension.
Added Wolfgang Kandek, chief technology officer of Qualys: “Bulletin one will be the most important; it is critical rated remote code execution (RCE) and is applicable in all versions of Windows from XP to the latest Windows 7 and Server 2008R2. The other RCE vulnerability is in bulletin five, rated important because opening a malicious file is required for Expression Design, an application competing with Adobe's graphics tools.”
Andrew Storm, director of security operations for nCicle, observed: “Looks like we’ll see a light patch Tuesday this month. Microsoft’s advanced notification includes just six bulletins and only one is critical. The single critical bulletin is important though, it’s critical for all versions of Windows. It looks like this bulletin will patch is a serious bug that affects all versions of Windows, and we don’t see that very often.”