We're coming up on the second Tuesday of the month, which is when Microsoft
rolls out a collection of security updates for Windows and Internet Explorer. Otherwise known as "Patch Tuesday
," the one that's coming up tomorrow will be relatively light compared to previous ones as it contains only five security bulletins, however two of them are deemed Critical and three Important, and several of them require a restart.
The first Bulletin addresses a zero-day vulnerability affecting IE versions 9 and 10, along with other security fixes for IE versions 6 through 11. This one is deemed Critical because of the zero-day exploit identified by FireEye
last month, which was used to infect the U.S. Veterans of Foreign Wars website and other government portals.
Bulletin number 2 is also Critical -- it affects almost all versions of Windows from XP through 8.1 and, if left unpatched, would allow an attacker to take control of a PC remotely.
The remaining Bulletins -- 3 through 5 -- are all labeled as Important, the first two of which require a restart. One of them deals with an Elevation of Privilege exploit found in Windows, and the other two address Security Feature Bypass vulnerabilities present in Windows and Silverlight.