Microsoft will release six patches tomorrow, with one fix for a 'critical' flaw.
On its third Patch Tuesday of 2012, it confirmed that the patches will affect all of the supported versions of Windows as well as seven patches for the application development platform Visual Studio and Expression Design.
The critical patch is for a remote code execution flaw in Windows; five patches are rated as 'important' and cover elevation of privilege, remote code execution and denial-of-service vulnerabilities. One 'moderate' flaw is in Windows.
Paul Henry, security and forensic analyst, Lumension, said: “This month's bulletins impact the full operating system family and while six bulletins represents a light load of patches, this Tuesday will be disruptive in terms of required reboots.”
Wolfgang Kandek, CTO of Qualys, said: “Bulletin one will be the most important; it is critical-rated remote code execution and is applicable in all versions of Windows from XP to the latest Windows 7 and Server 2008R2.
“The other remote code execution vulnerability is in bulletin five, rated important because opening a malicious file is required for Expression Design, an application competing with Adobe's graphics tools.”