Microsoft to release two emergency security updates the coming Tuesday
In a security bulletin advance notification published late Friday, Microsoft said that it would be releasing two emergency security updates the coming Tuesday, for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio developer suite.
The announced round of security updates is an “outside of the monthly cycle” patch from Microsoft, which characteristically schedules its patches for the second Tuesday every month, thereby allowing administrators the requisite time to plan for and test the updates.
The Microsoft notification specifies that the vulnerabilities affect Windows 2000, Windows XP, Vista, Windows Server 2003 and 2008, Internet Explorer 6, 7 and 8, Microsoft Visual Studio .NET 2003, Visual Studio 2005 and 2008 and Visual C++ 2005 and 2008.
Microsoft said in a statement that both the security bulletins will address one overall issue, but the separate releases underline the need “to provide the broadest protections possible to customers.”
Talking about the updates, Microsoft spokesman said: “The Visual Studio bulletin will address an issue that can affect certain types of applications. The Internet Explorer bulletin will provide defense-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin. The Internet Explorer update will also address vulnerabilities rated as Critical that are unrelated to the Visual Studio bulletin that were privately and responsibly reported.”