In its regular series of monthly security fixes, the company tomorrow is launching eight separate bulletins to patch 23 different holes in a small but key range of products. Marked as “critical,” two of the bulletins are aimed at stopping hackers from remotely running code in Windows, Internet Explorer, .NET, and Silverlight.
Specifically, these two bulletins are deemed critical for the desktop versions of Windows and should be applied to Windows XP, Windows Vista, and Windows 7. Only one of the bulletins is tagged as critical for Windows Server 2003, 2008, and 2008 R2 as the server editions of Windows offer tighter security than their desktop cousins.
The other bulletins are labeled “important” and primarily affect Windows. But holes in two server-based enterprise products–Forefront Unified Access Gateway and Host Integration Server–are also targeted in the patches. The holes being patched in Internet Explorer can affect a variety of different versions from IE6 all the way to IE9.
Users with Windows Update enabled to “install updates automatically” will receive the critical patches by default and can decide if they want to install the important updates.
October marks a bigger month for patches compared with September, when Microsoft deployed a total of five security bulletins, none of which were critical, that plugged 15 holes in a host of products.