On Tuesday, Microsoft
will issue it’s monthly batch of patches and security fixes. This time around, the number of fixes is smaller than usual, hopefully a good sign for the future.
One of those fixes is to Microsoft XML Core Services, a vulnerability found just in the past few days in Microsoft’s XML parser that could allow for remote code execution.
The severity rating is critical, the highest level Microsoft has, but it’s actually not that severe a threat.
Thus far only one example of it has been found and, according to anti-spyware vendor Sunbelt Software, it doesn’t work all that well.
Also, the component affected is not installed on a Windows system by default. It’s most commonly used on servers. Microsoft has already posted an advisory on how to disable the services.
After that, there are only five more security bulletins, all of them confined to Windows. The most severe of the issues is rated as critical.
Microsoft will also release an updated version of its Malicious Software Removal Tool along with the fixes and two non-security high-priority updates. The company did not disclose what these updates are.
As is tradition, Microsoft will host a Web broadcast on Wednesday, the day after the fixes are issued, to discuss them.
The Webcast will be at 11 a.m. PST.