Five critical vulnerabilities expected in August 2012 Patch Tuesday

Microsoft plans to issue nine bulletins, including five critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Office and its other products.

The five critical bulletins will patch ten vulnerabilities in Microsoft Windows, Internet Explorer, Exchange, SQL Server, and the Server Software and Developer Tools, according to the Microsoft Advance Notification issued on Aug. 9.

Bulletins 1-5, the ones given the marker of “critical,” could allow for remote code execution. The first three will require a restart, the fourth may require one, and the fifth does not, Microsoft said.

Specifically, Bulletin 1 addresses an issue with all currently supported versions of Internet Explorer running on Windows. August marks the third consecutive month of patches for Internet Explorer.

Bulletin 2 addresses a vulnerability in Windows XP Service Pack 3, while Bulletin 3 focuses on issues in several different versions of Service Packs on different Windows operating systems. Bulletin 4 addresses issues on the widest range of software, from Microsoft Office to Microsoft SQL Server. Bulletin 5 confronts problems within Microsoft Exchange Server.

In addition to the critical bulletins, Microsoft has marked four bulletins as “important,” affecting Microsoft Office and Microsoft Windows. Of these bulletins, three could allow for remote code execution and may require a restart. One could allow an elevation of privilege and will require a restart.

The bulletins will be released Aug. 14 at approximately 1 p.m. ET.

Last month, Microsoft patched a vulnerability in its XML Core Services, fixed a flaw in its Internet Explorer browser and addressed a vulnerability in Microsoft Data Access Components, among other repairs to a variety of its different programs.