Next week Microsoft will release 12 new security updates on Tuesday, with seven of the 12 tagged as highly critical.
Among the dozen updates listed in the prepatch notification posted to the Microsoft Web site this morning, are three slated for Microsoft Office, three for Windows, two for Internet Information Server (IIS), and one each for Internet Explorer, Microsoft Works, VBScript and JScript, and Active Directory.
Nor will the patches be limited to Windows, according to Microsoft. Several of the bulletins spell out fixes to Office 2004 for Mac.
But it's the sheer number of updates that struck Storms. "Quite a few people are going to be working overtime next week, starting Tuesday," he said, referring to IT staffers responsible for testing and deploying security updates.
Some past vulnerability trends also look like they're continuing, he added, pointing to the three Office updates. Each pegged an application in the Office 2000 edition with a "critical" vulnerability, but labeled the same bug only "important" in Office XP and Office 2003. The same applications in Office 2007 on Windows and Office for Mac 2008 were missing from the list, indicating that they posed no risk.