Microsoft is scheduled to push out four security bulletins this following Tuesday addressing problems in Windows, Internet Explorer and other products.
Just one of the bulletins – the main one addressing Internet Explorer – is rated ‘Critical.’ The other three are classified by Microsoft as Important.
“Looks like a very light round of Microsoft Patching this month,” stated Ross Barrett, manager of security engineering at Rapid7. “Only four advisories, of which only one is critical. The sole critical issue this month is the expected Internet Explorer role up affecting all supported (and likely some unsupported) versions. This will be the top patching priority for this month.”
Many corporations don’t regularly stay up-to-date with all the latest versions of the browser, noted Eric Cowperthwaite, vp of security at Core Security.
The three non-critical bulletins handle problems in Windows, the .NET Framework and Microsoft Lync Server. Two of the notices handle denial of service problems, whilst the other addresses an escalation of privilege.
“The few number of patches expected out next week doesn’t mean you can take a pass on patching this month however,” Russ Ernst stated, director of product management at Lumension. “The critical class patch is for at least one remote code execution vulnerability in IE – likely another cumulative update for the browser.”
You can read the full bulletin here.