After three months of heavy patching, IT administrators will get a
little break for September. Microsoft announced on 5 September that
it will release only three security updates next week -- two for
Windows and one for Office.
The software giant won't release specific vulnerability details
until Tuesday, but the advance notification on the company's
TechNet site does note that the Windows fix
will be rated "important" and the Office fix will be
"critical."
The company will also update its
malware removal tool and release three
non-security, high-priority updates Tuesday.
As it does every month, Microsoft warned that "although we do
not anticipate any changes, the number of bulletins, products
affected, restart information and severities are subject to change
until released."
The upcoming patch release will be much smaller than those of
the last three months. In August Microsoft released 12 security
bulletins
covering a range of problems in Windows, Office
and Internet Explorer.
Seven security updates were released in July for
flaws in Windows, Internet Explorer, Exchange,
Media Player, PowerPoint and Word.
August 2006 proved particularly hairy for Microsoft. Bot herders
used the Windows Server Service flaw fixed in
MS06-040 to expand their army of zombie
machines, and the cumulative Internet Explorer update in
MS06-042 had to be re-released after causing
system crashes and opening up a new vulnerability.
This article originally appeared on
SearchSecurity.com.