Microsoft has announced last Thursday on The Microsoft Security Response Center (MSRC) that it’s going to release, via Windows Update, 13 security patches on the forthcoming Tuesday (October 13th). These patches will address 34 new vulnerabilities that affect: Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server.
This is nothing new as the Redmond company releases security bulletins on a monthly basis. However, what’s different this time is that this month’s security bulletins include five Windows 7 security fixes, one of which is considered “Critical” while the others were rated as ”Important”. The critical update resolves a security hole in Internet Explorer 8. Microsoft stressed the importance of these updates as Jerry Bryant, its security program manager, stated:
Usually we do not go into this level of detail in the advance notification but we felt that it is important guidance so customers can plan accordingly and deploy these updates as soon as possible.
These are the first security patches Windows 7 will receive after it has been released to manufacturing. Windows XP and Vista seem to have more security problems as the former will receive nine updates (where six of them are critical) and the latter will get eight (five are critical ones). Ars Technica has provided the exact breakdown of the bulletins:
- Bulletin 1: Critical (Remote Code Execution), Windows
- Bulletin 2: Critical (Remote Code Execution), Windows
- Bulletin 3: Critical (Remote Code Execution), Windows
- Bulletin 4: Critical (Remote Code Execution), Windows
- Bulletin 5: Critical (Remote Code Execution), Windows, Internet Explorer
- Bulletin 6: Critical (Remote Code Execution), Windows
- Bulletin 7: Important (Spoofing), Windows
- Bulletin 8: Important (Remote Code Execution), Windows
- Bulletin 9: Important (Elevation of Privilege), Windows
- Bulletin 10: Important (Denial of Service), Windows
- Bulletin 11: Critical (Remote Code Execution), Office
- Bulletin 12: Critical (Remote Code Execution), Windows, Silverlight
- Bulletin 13: Critical (Remote Code Execution), Windows, Office, SQL Server, Developer Tools, Forefront
In addition, Microsoft will be hosting a live webcast for those interested the following day (October 14th). So if you’re running the Windows 7 RTM, get ready to download and install Windows 7′s first security fixes.
Sources:The Microsoft Security Response Center (MSRC), Softpedia and Ars Technica
