Just one patch from Microsoft next week

Microsoft is set to release just one update as part of its monthly round of security patches, due next Tuesday.

Last month, the software maker issued its largest ever Patch Tuesday' bulletin, containing eight fixes which addressed 28 vulnerabilities.

While details were scarce on exactly which flaws next week's patch would address, the security bulletin preview did say that the update had been given Microsoft's highest security rating of critical', and that it would address both server and desktop versions of its Windows operating system (OS).

The flaws could allow attackers to install unauthorised software on a victim's computer, it added.

Despite the scant detail, there are a number of bugs affecting the Windows OS that Microsoft could be planning to fix.

In the last month alone, Microsoft warned about flaws uncovered in its TextConverter, WordPad and SQL Server database software.

Security vendor SecurityFocus said at the end of December that it had uncovered a remote code execution flaw in versions 9, 10 and 11 of Microsoft's Windows Media Player running on Windows Vista or XP, which it outlined in a blog posting on its Bugtraq website.

Microsoft was quick to respond with a posting of its own on the Microsoft Security Centre blog, admitting that the code posted in the Bugtraq blog could crash the player, but dismissing SecurityFocus's claim that it could compromise the security of the rest of a Windows system.

One recent flaw Microsoft won't have to address was discovered in Internet Explorer 7 in December. The software maker deemed the vulnerability, which allowed hackers to install password-stealing software on affected PCs, to be so serious it rushed out a patch within eight days, outside of the regular round of monthly patching.

Miya Knights

A 25-year veteran enterprise technology expert, Miya Knights applies her deep understanding of technology gained through her journalism career to both her role as a consultant and as director at Retail Technology Magazine, which she helped shape over the past 17 years. Miya was educated at Oxford University, earning a master’s degree in English.

Her role as a journalist has seen her write for many of the leading technology publishers in the UK such as ITPro, TechWeekEurope, CIO UK, Computer Weekly, and also a number of national newspapers including The Times, Independent, and Financial Times.