Microsoft’s September batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. According to the company’s advance notification
for this month’s Patch Tuesday, there will be a total of 9 bulletins (four rated critical) addressing flaws in all versions of Windows, including Windows 7 and Windows Server 2008.
The Microsoft Office bulletins will cover security holes in Microsoft Office XP, Microsoft Office 2003 and Microsoft Office 2007. It is likely these will include fixes for the DLL load hijacking attack vector
that affects hundreds of Windows applications.
Seven of the nine bulletins address flaws that could lead to “remote code execution” attacks so it’s important for affected Windows users to pay close attention to this patch batch.