Next 'critical' Windows patch - out on Tuesday

As part of its monthly patching cycle, Microsoft plans to release 10 security alerts for flaws in Windows and other programs on Tuesday.

Seven security bulletins and fixes apply to the Windows operating system, and at least one of those is deemed 'critical', Microsoft's highest risk rating, the company said in a notice posted to its website on Thursday. The Exchange email server will get one bulletin, rated 'important', the company said.

The remaining two alerts are of 'moderate' risk and affect Windows Services for Unix, ISA Server and Small Business Server, Microsoft said. Services for Unix includes tools to integrate Windows with Unix and Linux environments, while ISA Server is a firewall and web caching product.

In Microsoft's rating system for security issues, vulnerabilities that could allow a malicious internet worm to spread without any action required on the part of the user are rated 'critical'. An 'important' ranking is given to issues that require people to take action - such as open a file - to spread a worm but that could still expose user data or threaten system resources.

Microsoft gave no further information on Thursday, other than that some of the fixes for Windows will require restarting the computer, as may the patches for Services for Unix, ISA Server and Small Business Server. The patch for Exchange will not require users to restart the mail server.

Microsoft provides information in advance of its monthly patch release day, which is every second Tuesday of the month, so people can prepare to install the patches. In May, Microsoft released one security bulletin.

In addition to the fixes, Microsoft on Tuesday plans to release an updated version of the Windows Malicious Software Removal Tool, which detects and removes malicious code placed on computers.

Joris Evers writes for CNET News.com.