Microsoft plans to issue two critical bulletins next week, as part of its monthly patch cycle, repairing vulnerabilities...
affecting Windows and Office.
The software giant issued its advance notification, Thursday, and advised customers that the bulletins would not address a serious zero-day vulnerability affecting its SharePoint content management server.
"Windows 7 and Windows Server 2008 R2 customers will be offered the Windows related update but they are not vulnerable in their default configurations," wrote Jerry Bryant, Microsoft's group manager of response communications, in the Microsoft Security Response Center blog.
Bryant warned users of SharePoint not to expect a bulletin addressing the SharePoint zero-day vulnerability in which proof-of-concept code is publicly available. Engineering teams are still working on a patch to repair the vulnerability, he said.
Last month Microsoft issued 11 bulletins, five critical, repairing 25 vulnerabilities across its product line. In addition to several media handling vulnerabilities, Microsoft fixed a serious Windows Authenticode Verification flaw. Windows Authenticode Verification is a digital signature format used to verify the origin and integrity of software when it is installed on a machine.