Microsoft schedules seven patches for next week

Microsoft slated seven security updates for release early next week that target vulnerabilities in Windows, Internet Explorer, Outlook Express, Word and SharePoint.

Of the seven bulletins expected October 9, four will be rated "critical," Microsoft's highest ranking, while the remainder will be labeled "important," the next-lower rating. What details Microsoft was willing to share prior to the patches' debut were posted to the pre-patch notification filed on the company's Web site this morning.

Windows will account for three of the seven updates, and one of the four critical fixes. The solitary critical bulletin affects Windows 2000, Windows XP Home SP2 and Windows Server 2003, Microsoft said.

The three remaining critical updates will address one or more vulnerabilities in Outlook Express, the e-mail software bundled with Windows, and Windows Mail, Vista's name for the program; Internet Explorer (IE); and Microsoft Word. Every version of IE will need a patch, according to the affected software section of the notice, including IE 7 on Vista, the edition Microsoft has repeatedly touted as its most secure browser ever.

All versions of Outlook Express harbor a critical bug, as does Word 2000, but the flaws in other flavors of Microsoft's entry-level mail client and word processor were designated as important.

Windows will also get two out of the three important updates, with SharePoint Services 3.0 receiving the third. The SharePoint fix was originally scheduled to have been released last month, but at the last minute Microsoft yanked that one without an explanation.

Assuming Microsoft releases all seven bulletins, users will have dealt with 61 updates so far this year, four fewer than same period in 2006.

Microsoft posts updates on the second Tuesday of each month between 1 p.m. and 3 p.m. EDT.