The critical flaw exists in Windows and can be exploited for remote code execution, according to Microsoft's advance notification.
Four “important” patches will also be released. Two of the bulletins fix bugs allowing remote code execution in Visual Studio and MSN Messenger and Windows Live Messenger.
Two other patches fix flaws allowing privilege escalation attacks in Windows Services for UNIX and the subsystem for UNIX-based applications, Windows and SharePoint Server.
Last month, the software giant fixed 14 flaws through the distribution of eight client-side patches. Six August patches fixed critical flaws, including one in the XML Core Services program that can be exploited for remote code execution.
July's Patch Tuesday release included six patches for 11 flaws, including critical vulnerabilities in Active Directory in Windows 2000 and 2003 Server and .Net Framework.
June saw Microsoft's first Windows Vista-only patch, along with five other security bulletins.
Microsoft to release five fixes on Patch Tuesday
By Frank Washkuch on Sep 10, 2007 8:49AM