Patch Tuesday: Critical IE, Vista patches on deck

Next Tuesday, Microsoft plans to ship six bulletins with patches for a wide swathe of vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Office and Visio.

Four of the six bulletins will be rated "critical," Microsoft's highest severity rating. One will be rated "important" and one will carry a "moderate" rating.

Of the four criticals, two will include high-severity patches for Windows Vista. The bulletin rated "moderate" only affects Vista.

As part of its new-look advance notice mechanism, the MSRC (Microsoft Security Response Center) is providing more details on the patches coming on June 12, down to the severity rating of each bug covered in the individual bulletins.

[ See: Microsoft Security Bulletin Advanced Notification for June 2007 ]

Microsoft is not releasing the CVE numbers attached to the individual vulnerabilities until next Tuesday so there is no way yet to get a final total on how many flaws are being fixed.

[UPDATE: June 7, 2007 @ 3:59 PM]  Someone just reminded me about this unpatched Windows Mail file-execution vulnerability affecting Vista.  It's possible this could be one of the patches coming on Tuesday, expecially since public exploit code has been posted for this since March 2007.