Hello everyone -

It's a new year and the Microsoft Security Response Center is ready to provide the Advance Notice for January's security bulletins. We have two bulletins addressing three vulnerabilities in Windows.

The first bulletin is Important and affects Windows Vista.  The second bulletin has an aggregate of Critical and all supported versions of Windows are affected. As always, we recommend that customers deploy these updates as soon as possible. 

This month we will not be releasing updates to address Security Advisory 2490606 (public vulnerability affecting Windows Graphics Rendering Engine) and Security Advisory 2488013 (public vulnerability affecting Internet Explorer). We continue to actively monitor both vulnerabilities and for Advisory 2488013 we have started to see targeted attacks. If customers have not already, we recommend they consult the Advisory for the mitigation recommendations. We continue to watch the threat landscape very closely and if the situation changes, we will post updates here on the MSRC blog.

As always, the bulletin release is slated for the second Tuesday of the month, January 11th, at 10:00 a.m. PST. Come back to this blog at that time for our official risk & impact analysis and deployment guidance.

We invite everyone to join the monthly technical webcast next week with your hosts, Jerry Bryant and Dustin Childs, to learn more about the January 2011 security bulletin release. The webcast is scheduled for Wednesday, January 12, 2011 at 11:00 a.m. PST (UTC -8). Registration for the webcast can be found here.

Thank you,

Carlene Chmaj

Microsoft Trustworthy Computing, Senior Response Communications Manager