MS Patch Tuesday heads-up: Critical Windows update on deck

Summary:Microsoft plans to have a quiet Patch Tuesday this month: Just two bulletins covering security vulnerabilities in the Windows operating system and Office productivity suite.

Microsoft plans to have a quiet Patch Tuesday this month:  Just two bulletins covering security vulnerabilities in the Windows operating system and Office productivity suite.

According to an advance notice from Redmond, the Windows update will be rated "critical" because of the risk of remote code execution attacks.  This patch only affects Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2.

The Microsoft Office patch will carry an "important" rating and will also cover flaws that can be exploited in remote code execution attacks.

The patches are expected to be released on May 10, 2011 at 1:00 PM Eastern.

Microsoft also announced plans to modify its Exploitability Index to provide more details for Windows users running the newest software versions.

The Exploitability Index assesses the likelihood of functional exploit code being developed for a particular vulnerability. By providing the index information month over month, we’re helping customers prioritize the security updates that matter to them. The Exploitability Index will continue to provide an aggregate exploitability rating across all affected products, and the improvements made to Exploitability Index will now offer additional information to help customers prioritize bulletins, specifically for the most recent platforms, e.g. Windows 7 Service Pack 1 and Office 2010.

The changes effectively means that Microsoft will split out the Exploitability Index into a rating for the most recent version of the software, and an aggregate rating for all older versions.

Topics: Software, Microsoft, Operating Systems, Windows

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.