IT system administrators will be mighty busy this month, with Microsoft announcing it is prepping 12 security fixes for its next Patch Tuesday release – seven of which are labeled as “critical” and have the potential to allow remote code execution.
Four of the seven critical updates address vulnerabilities in Access, Excel and PowerPoint, while the remaining three target Windows, Internet Explorer and Media Player 11. The five less serious “important” flaws cover vulnerabilities in Windows, Outlook Express and Windows Messenger.
As usual, Microsoft divulged little information about each update, limiting the disclosure to naming the affected software and describing only in general terms the nature of the bugs. Starting October, however, the company will take a major shift in its security strategy by giving security vendors earlier access to technical details of its monthly security patches for them to get ahead of attackers.