Microsoft plans to have a quiet Patch Tuesday this month: Just two bulletins covering security vulnerabilities in the Windows operating system and Office productivity suite.
According to an advance notice
from Redmond, the Windows update will be rated “critical” because of the risk of remote code execution attacks. This patch only affects Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2.
The Microsoft Office patch will carry an “important” rating and will also cover flaws that can be exploited in remote code execution attacks.
The patches are expected to be released on May 10, 2011 at 1:00 PM Eastern.
Microsoft also announced plans to modify its Exploitability Index
to provide more details for Windows users running the newest software versions.