- V3 Apps
Microsoft said that it will deliver six security bulletins, four of which address critical flaws for systems including the newly-released Windows 8, in next week's scheduled security update.
The company said that the November edition of Patch Tuesday will include fixes for vulnerabilities in Windows, Internet Explorer, Office and the .NET framework.
According to Microsoft's advance notification posting, all supported versions of Windows, ranging from Windows XP to Windows 8, will be subject to critical fixes, as will all supported versions of Windows Server and Internet Explorer 9.
While Microsoft does not provide details on vulnerabilities prior to the release of a patch, the company said that all four of the critical patches will address remote code execution vulnerabilities.
Additionally, the company is planning to release a bulletin to patch a remote code execution flaw in the Office which has been categorised as an 'important' risk level and a patch for an information disclosure vulnerability in Windows classified as 'moderate.'
Microsoft noted that the Office patch would also be distributed to Mac users running the OS X version of the productivity suite.
Paul Henry, a security and forensic analyst with Lumension, said that the number of fixes for serious flaws in Microsoft's latest products was particularly worrisome given Microsoft's commitment to a secure development process.
"Right off the top, it’s disappointing to see the critical bulletins impacting more than just legacy code as we’ve come to expect in recent months. These bulletins impact many current generation products and that’s concerning," Henry explained.
"Nothing is ever 100 percent secure and albeit mistakes are made in software. But it’s still ugly to see."