Microsoft has issued an advance notification that it is preparing to release five security bulletins on Tuesday, September 8. Redmond considers all five of the vulnerabilities to be critical, citing an impact of remote code execution – in other words, a hacker could potentially gain control of a compromised system.
The vulnerabilities affect a number of Windows operating systems, including Windows 2000, Windows XP (x86 and x64), Windows Server 2003 (x86 and x64), Windows Vista (x86 and x64), and Windows Server 2008 (x86 and x64). Microsoft will host a webcast to address questions regarding the bulletins a day after their release (September 9) at 11AM PST.
In addition to the critical patches, Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool – but no fix for the IIS (Internet Information Service) vulnerability made public August 31.