Computers worldwide will be pretty busy next Tuesday installing all the new patches that Microsoft cooked up for this month's edition of Patch Tuesday. The software giant has prepared updates for 40 security flaws in Windows, Office, Internet Explorer, SharePoint, and Exchange. The updates will be delivered in 17 individual security bulletins, with two rated as critical.
One of the forthcoming patches will close the last remaining vulnerability being exploited by Stuxnet. According to a blog post by Mike Reavey, director of Microsoft Security Response Center, "this is a local elevation of privilege vulnerability and we've seen no evidence of its use in active exploits aside from the Stuxnet malware."
Microsoft is also patching a bug in IE that's currently being exploited by attackers, though Reavey rates the number of related exploits as being "pretty low," and notes that "customers running Internet Explorer 8 remained protected by default due to the extra protection provided by Data Execution Prevention (DEP)."