Next Tuesday, October 13, Microsoft will release security patches for Windows and related software on its usual monthly cycle. According to the Security Bulletin Advance Notification, Microsoft will issue 13 security bulletins next Tueday (a new record!) to address 34 different vulnerabilities. All supported versions of Windows are affected by multiple Critical vulnerabilities; Microsoft Office software, SQL Server, and Silverlight are also affected, as shown in the table below:
|Windows Server 2003||4||6||1||–|
|Windows Server 2008||4||5||–||1|
In addition, SQL Server and Silverlight each have one bulletin rated Critical. Consult the Advance Notification for more details.
It is a pleasure to welcome Windows 7 to this monthly ritual, even though it will not be officially released until October 22.
According to Microsoft, roughly half of these bulletins will definitely require a system re-boot after installation, and the remainder may require one. (Based on past experience, most of those others probably will.) You may want to factor this into your planning. Please note that the severity ratings may change when the final bulletins are released.
As usual, I will post a note here with updated information once the bulletins are actually released next Tuesday.