Microsoft to release six Windows security updates

Updates to fix flaws in Windows and its XML parser

Microsoft will release six groups of security patches next Tuesday, fixing flaws in its Windows operating system.

The updates will be released as part of Microsoft's regularly scheduled monthly patch release, and will fix critical flaws in Windows and the company's XML (Extensible Markup Language) parser, according to Microsoft.

With only six updates, November looks to be a quieter month for systems administrators than October. Last month, Microsoft issued 10 updates, fixing 26 bugs in its Windows and Office software.

The XML update is of particular interest to security experts because hackers have posted code showing how a flaw in the parser could be exploited to run unauthorised programs on a PC.

However, Microsoft gave no indication that it plans to patch this or another recent bug, reported last week in its Visual Studio software. That bug, known as the WMI Object vulnerability could also allow an attacker to run unauthorized code on a victim's computer.

Because these bugs were reported recently Microsoft has had a narrow window in which to develop patches.

"It wouldn't surprise me if neither of these are fixed this month, given how little time it seems Microsoft has had to fix them," senior information security analyst for Cybertrust, Russ Cooper, said.

Either way, most users were not at great risk from the two bugs, he said.

"As far as we at Cybertrust are concerned, both of these issues have been rated as hype," he said. "There is far more media attention than actual exploitation ... or risk."

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments

Market Place