System administrators can look forward to a light Patch Tuesday with Microsoft planning to release only four bulletins...
in its monthly security update on 8 November.
Just one of the bulletins is rated "critical", while two are rated "important" and remaining one is rated "moderate", according to the Microsoft security bulletin advance notice.
The "critical" bulletin affects only Windows Vista, Windows 7 and Windows 2008 Server R2, said Wolfgang Kandek, chief technology officer at security firm Qualys.
"Interestingly the majority of bulletins only apply to these newer versions of Windows, and XP and 2003 users are only affected by bulletin three, which is rated important," he said.
Kandek said it is unlikely that Microsoft will release a patch for the recently disclosed zero-day vulnerability exploited by the Duqu Trojan, widely dubbed "son of Stuxnet".
The malware exploits a flaw in the Win32k TrueType font-parsing engine affected every version of Windows from XP to Windows 7.
Microsoft has issued a temporary fix for the exploit, but said it will decide on whether to release a patch in the next monthly update or an out-of-band patch only once investigations are complete.
"Overall, this is a Patch Tuesday that will give a break to many IT administrators," said Kandek.