The upcoming patches for Windows Vista Service Pack 1 and Windows XP Service Pack 3, along with all the additional software products updated via the Microsoft monthly bulletin cycle, will benefit from two new Security Programs. At the start of August, the Redmond company announced that it was kicking its monthly release of security bulletins up a notch with the introduction of two new initiatives: the Exploitability Index and the Microsoft Active Protections Program. Both will be presented next week, namely on October 14.

This month, Microsoft plans to release no less than 11 security bulletins covering a wide range of its software products including Windows client and server platforms, the Office System and Internet Explorer. At the same time, Bill Sisk, Microsoft Security Response Center Communications Manager, informed that October would also be synonymous with Microsoft offering additional information on the vulnerabilities affecting its software to both customers and partners.

“We want to announce the availability of the Exploitability Index in upcoming security bulletin summaries and the official release of Microsoft Active Protections Program,” Sisk stated. “The Exploitability Index provides additional information to help customers prioritize deployment of monthly security bulletins while the Microsoft Active Protections Program provides vulnerability information to security software providers in advance of Microsoft’s monthly security bulletin releases. Both the Exploitability Index and Microsoft Active Protections Program provide additional support to customers and partners to defend against emerging online threats.”

The Exploitability Index is designed to provide an insight into the level of exploitability of patched vulnerabilities. All security flaws will be labeled in accordance with three levels of risk: "Consistent Exploit Code Likely", "Inconsistent Exploit Code Likely" and "Functioning Exploit Code Unlikely" in accordance with the detection of exploit code in the wild. “As part of our regularly scheduled bulletin release, we’re currently planning to release four Microsoft Security Bulletins rated as Critical, six rated Important, and one rated Moderate,” Sisk added.