Microsoft plans to release a total of 10 security fixes, including "critical" Windows updates, during its Monthly Security Bulletin release, scheduled for next Tuesday. The company also plans to release an updated version of its Microsoft Windows Malicious Software Removal Tool, Microsoft said Thursday.
Though the company released few details on the updates, they will include "moderate" updates covering Microsoft Services for Unix, Microsoft Internet Security and Acceleration Server, and Small Business Server. An "important" security update for Exchange is also planned, the company said in a statement published on the company's Web site.
Microsoft has deemed some of these updates as critical, meaning that the vulnerability could allow malicious code to spread without user action, but some critical vulnerabilities may be far less likely to be exploited than others, said Russ Cooper, senior scientist at Cybertrust and editor of the NTBugtraq discussion list. Until Microsoft provides more details, it is impossible to tell whether these updates will mitigate any significant security risks, he said.
"The importance is in the details," Cooper said.
Those details will be released Tuesday and then discussed during the monthly Microsoft Security Bulletin Webcast, scheduled for Wednesday.
More information can be found here: http://www.microsoft.com/technet/security/bulletin/advance.mspx