Next week is Patch Tuesday, so this week we get the advance notification for the last updates Microsoft will issue this year. Of course that assumes there will be no unforeseen zero-day release between now and then.
This month it looks we have just seven total bulletins with five of those rated critical and two rated as important. Six out of the seven will result in Remote Code Execution, which is about as bad as bad gets. The last one deals with something Microsoft is calling a 'Security Feature Bypass' and is only in Windows Server 2008 and 2012. Despite being only rated as important that one is looking very interesting this month.
Right off the bat Bulletin 1 looks to be extremely nasty allowing Remote Code Execution in Internet Explorer 6, 7, 8, 9, and 10.Including the version of IE on that shiny new MS Surface running Windows RT. Which makes it the second patch in as many months for Microsoft's new gadget.
Critical Bulletin 3 will impact several versions of Microsoft Word and SharePoint Server. Critical Bulletin 4 will impact Exchange Server 2007 and 2010. Not sure if installation of Bulletin 4 will require a reboot or not but you might want to go ahead and schedule one anyway just in case.
The other bulletins are all desktop and server OS related.
Next week we will have all the details and the full breakdown for of all the patches this month.
