SOFTWARE HOUSE Microsoft has announced that it will deliver its first Windows 8 patches in next week's scheduled security update.
The company said that its November edition of Patch Tuesday will include fixes for vulnerabilities in Windows, Internet Explorer, Office and the .NET framework.
According to Microsoft's advance notification posting, all supported versions of Windows ranging from Windows XP to Windows 8 will receive 'critical' fixes, as will all supported versions of Windows Server and Internet Explorer 9.
While Microsoft does not provide details about vulnerabilities prior to releasing patches, the company said that all four of the critical patches will address remote code execution vulnerabilities.
Additionally, the company is planning to release a bulletin to patch a remote code execution flaw in Microsoft Office that it has categorized as 'important' and a patch for an information disclosure vulnerability in Windows that the company has classified as 'moderate'.
Microsoft noted that the Office patch will also be distributed to Mac users running the OS X version of the productivity suite.
Paul Henry, a security and forensic analyst with Lumension said that the number of fixes for serious flaws in Microsoft's latest products is particularly worrisome given Microsoft's commitment to a secure development process.
"Right off the top, it's disappointing to see the critical bulletins impacting more than just legacy code as we've come to expect in recent months. These bulletins impact many current generation products and that's concerning," Henry explained.
"Nothing is ever 100 percent secure and albeit mistakes are made in software. But it's still ugly to see." µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted