Microsoft will release 10 patches on Patch Tuesday this month, with two rated critical for May. One of the critical patches will fix a zero-day vulnerability found in Internet Explorer earlier this month.
Senior product manager for CORE Security Alex Horan said: "May is going to a busy month for administrators, with 10 patches and a number of restarts required. Reboots are always dreaded by admins, not only because they have a negative effect on uptime, but also raise the possibility of potential hardware failure upon restarting the machine."
Microsoft will release the 10 patches on 14 May at 10AM PST. This month's patches will include two critical patches and an assortment of important ones.
Bulletins rated important will include patches for issues found within Windows, Office, Server and Tools, and .NET Framework.
According to Horan, bulletin number one will be a key fix for May. Bulletin one will patch a zero-day exploit originally uncovered by AlienVault earlier this month. The vulnerability was reported to have led to a cyber-espionage campaign perpetrated by hackers in China.
"This is most likely the patch for the recent zero-day, for which the exploit is already readily available and in the hands of most attackers," continued Horan.
Microsoft has already released a temporary fix for the vulnerability. However, the impending patch will completely correct the problem. Experts have already urged IT administrators to fix the issue once the patch launches earlier this month.
Horan also highlights bulletins four, nine, and 10 as being important for the month. She notes that bulletin four and 10 will cover all operating systems and be important for IT admins. Nine marks an important patch for home users because it focuses on Windows Essentials.
This month's release comes following April's patch-heavy launch. Last month saw two critical patches for Internet Explorer and Microsoft's remote desktop client.