IT administrators can expect five security bulletins from Microsoft Tuesday, of which the maximum security rating will be "important." But details on the vulnerabilities to be fixed and the products affected won't come until then.
That's about all the software giant said in a statement on its TechNet site Thursday. In fact, the only other details offered was that some security updates may require users to restart their computers and that, "The information contained in this notification is subject to change due to the complexity of testing security updates. Therefore, the notification should not be viewed as definitive."
This is the second time the company has issued early notification on what to expect for Patch Tuesday three business days in advance. It started the practice last month in response to customer feedback.
The company went outside its normal patching cycle Dec. 1 and issued a "critical" fix for the IFRAME vulnerability in Internet Explorer. The security hole has been targeted by variants of the Mydoom and Bofra worms in the last month. Attackers have also used infections hidden in Web site ad banners to exploit the vulnerability