Microsoft Patch Tuesday to Roll Out Critical Updates

Patch Tuesday is right around the corner (tomorrow, in fact), and in advance of its monthly update package, Microsoft is giving a heads up that this month's will contain three "Critical" patches and five labeled as "Important." A Critical rating is the most severe and indicates a vulnerability whose exploitation could allow code execution without user interaction.

One of the Critical security bulletins covers all versions of Internet Explorer on every flavor of Windows. In other words, if you run Windows, you'll need to update (or should, anyway), and yes, this particular one will require a system restart to apply the changes.

Windows Update

November's Patch Tuesday will also introduce Important fixes for all version of Office from 2003 to 2013, and for Outlook 2007 to 2013. Curiously missing this round, however, is a fix for the recently discovered zero-day TIFF (Tagged Image File Format) image bug. This is a remote code execution vulnerability.

There's been a bit of confusion as to which systems are affected by the bug. In short, if you run Vista or Server 2008, you're vulnerable. The same is true if you have Office 2003 or 2007 (doesn't matter which OS you're running), or any version of Microsoft Lync.

If you're running Office 2010 on XP or Server 2003, you are vulnerable as well.