By Gregg Keizer
November 4, 2005
Microsoft will release one critical security bulletin next Tuesday,
Nov. 8, in its monthly patch program, the company said Thursday.
The bulletin, which by Microsoft's numbering system will be dubbed
"MS05-053," affects Windows, said the developer's advance notification
posted  on the Microsoft site.
"The maximum total severity rating for this month is Critical, so
please update systems as soon as possible when the bulletin is
available this coming Tuesday," wrote Stephen Toulouse, the head of
Microsoft's Security Response Center (MSRC), on the group's blog
Other than that, Microsoft was mum, but according to vulnerability
researchers at eEye Digital Security, there are currently at least
eight flaws in Windows that have not been fixed, including ones
reported to the Redmond, Wash.-based developer as long ago as March
Microsoft also said that on Tuesday it would release a pair of
high-priority, but non-security-related updates to Windows, as well as
reissue its Windows Malicious Software Removal Tool.
If November's patch schedule goes according to plan, it will be a
dramatic drop-off from the nine security bulletins rolled out in
October; those bulletins fixed a total of 14 vulnerabilities.
It might also give MSRC a chance to catch its breath. Since the
October bulletins' release, the security center has notified users
that one patch broke some Web sites when viewed with Internet
Explorer, clarified one Windows 2000 patch, and explained why another
As is usual, Microsoft will host a follow-up Webcast next week, Nov.
9, to answer questions about the fixes.
Earn your Master's degree in Information Security ONLINE
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.