Microsoft plans light patch Tuesday; to fix 22 bugs

Issues advance patch notification for four security vulnerabilities to address 22 bugs across Windows, Office products; culminates support for Vista SP1.

Microsoft is gearing up to release patches for four security vulnerabilities across its Windows and Office products next week. The bulletins will fix 22 flaws, according to Microsoft’s July 7 Patch Tuesday advance notification.

Three of these bulletins will address vulnerabilities in Windows OS versions. The fourth will deal with an Office 2003 security flaw.

Only one bulletin has a severity rating of ‘critical’. It addresses vulnerabilities in Windows Vista SP1, SP2 and Windows 7, which can lead to a remote code execute. This vulnerability is present in the 64- and 32-bit versions of these operating systems.

The other two bulletins addressing flaws present in all currently supported versions of the Windows operating system (including Server 2008), have a severity rating of 'important'. These two bulletins address bugs that might lead to an elevation in privilege. The last bulletin, also rated important, addresses security vulnerabilities in Microsoft’s Visio 2003, SP3 which could be exploited to perform a remote code-execute.

While this month’s patch Tuesday patch is relatively light, it might be disruptive for administrators to deploy, since they affect operating systems and require restarts. The Office 2003 patch ‘may require restart’, according to the advance notification on Microsoft’s Technet website.

July’s Patch Tuesday release is slated for July 12, and expected to be the last security update to Vista SP1. These updates will be available through Automatic updates and Windows update.

Read more on Data breach incident management and recovery