Seven Bulletins in Microsoft’s January 10 Security Update

Tomorrow, Microsoft will push to its customers a new software update as part of its monthly schedule, and will have a number of seven bulletins included in the release.

The Microsoft Security Bulletin Advance Notification for January 2012 that was issued today offers some info on tomorrow’s update, though the complete details on it will not be published until tomorrow.

Out of the said 7 bulletins, one is rated Critical. The security issue it patches could allow for Remote Code Execution, Microsoft explains.

The bulletin is targeted at Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, though it is rated Important for the last two OS flavors.

The issue was found on both x32 and x64 versions of these platforms and affects machines that have Service Pack 2 upgrades installed on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, or Service Pack 1 installed on Windows 7 and Windows Server 2008 R2.

Five bulletins are rated Important, though they are not affecting all of the aforementioned versions of Windows. The seventh bulletin is aimed at Microsoft Developer Tools and Software, and is rated Important.

The Microsoft Security Bulletin Advance Notification for January 2012 also explains that not all of the said five Important bulletins are meant for all of the aforementioned Windows flavors.

Two of these could allow Remote Code Execution on affected platforms. Others refer to Security Feature Bypass, Elevation of Privilege, and Information Disclosure, Microsoft explains.

The January security update will be automatically delivered to all affected Windows Platforms via the automatic update process, as soon as users have it activated on their computers.

Only two weeks ago, Microsoft had to issue an out-of-band update for a series of its products to resolve a publicly disclosed vulnerability in .NET Framework, along with some privately signaled security issues in Windows and other products.