In its advance notification bulletin for April, Microsoft previewed six security bulletins — four addressing “critical” remote code execution flaws — to be released next week.
Among the bulletins, two will be of particular importance for Windows Server admins; both address a remote code execution flaw and affect Windows Server 2003, 2008 and 2008 R2. A third bulletin, which affects Internet Explorer 6, 7 and 8, is seen as a moderate risk for those products, but critical for Windows desktop software (Windows 7, Vista and XP).
A fourth critical bulletin affects all versions of Microsoft Office from 2003 on, as well as all versions of SQL Server and some versions of BizTalk Server, Commerce Server, VisualFox Pro and Visual Basic 6.0 Runtime.
There are also two “important” bulletins, including an information disclosure issue in Forefront Unified Access Gateway and a remote code execution patch for Office 2007 SP2 and Microsoft Works 9.
Stay tuned for more information on the patches next week; also, see SearchWindowsServer for details on last month’s bulletin.]]>