Microsoft on Thursday released its monthly bug fix advance notice, warning IT shops that it plans to release five critical patches for virtually all versions of Windows next week on “Patch Tuesday.”
Still, the warning notice may more notable for what is missing than what it will fix.
Invariably fairly thin on details, Microsoft’s (NASDAQ: MSFT) advance notices provide administrators with a little early warning of what they can expect to focus on when the actual patches come out a few days later.
Patch Tuesday, the day when Microsoft releases all or most of the patches it will issue each month, is traditionally slated as the second Tuesday of the month.
Tuesday’s patch drop will provide fixes for five critical bugs in various versions of Windows, including Windows 2000, both service packs of XP and Vista, as well as in Windows Server 2000, 2003, and 2008.
That set off an alarm for at least one security firm which analyzed the information that is available in the notice.
“Leading the pack this month is Microsoft Vista with four critical vulnerabilities. This brings up an interesting situation as Windows 7 and Windows 2008 R2 were released to manufacturing (RTM) early last month,” Don Leatham, director of solutions and strategy at security vendor Lumension, said in an e-mail to InternetNews.com.
“Given the significant amount of code shared between Vista and Windows 7, it is likely that some of these security bulletins could apply to Windows 7 or Server 2008 R2, but this is not addressed in the information released today by Microsoft,” he added.
It’s also not known whether any of the patches will fix a critical hole in early versions of Internet Information Services that Microsoft described in a Security Advisory earlier in the week.
A Microsoft spokesperson was not available for comment by press time.
Microsoft’s Patch Tuesday this month will be on September 8.