14 DAY TRIAL // There is no explicit reference pointing to the Windows Vista operating system in the Microsoft Security Bulletin Advance Notification released on April 3, 2007. Still, the Redmond Company plans to make available two security bulletins addressing vulnerabilities impacting the Windows platform. Microsoft's monthly security bulletin release is scheduled for May 8, 2007, next week.
According to the Redmond Company, the maximum severity rating of the two security bulletins for Windows will be Critical. In addition, the Redmond Company will also patch security flaws in the Office system, in Exchange, and CAPICOM and BizTalk.
At this time, there are three security bulletins planned for Office with the highest security rating of Critical. The remaining two security bulletins, both rated as Critical will solve vulnerabilities in Microsoft Exchange and Microsoft CAPICOM and BizTalk.
"We also have an update to the Microsoft Windows Malicious Software Removal Tool, and we are planning to release one high-priority non-security update on Windows Update and six high-priority non-security updates through Microsoft Update. I do want to remind everyone that the information in the Advance Notification is subject to change as we continue testing until we release on Tuesday. If anything changes or we have new information, we will let you know," revealed Christopher Budd, Security program Manager with MSRC.
Budd additionally provided an update related to the vulnerability affecting the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2, that was made public on April 12. Currently, the situation related to the DNS flaw remains unchanged, with limited and targeted attacks only.