Today we’re providing advance notification of the release of seven bulletins, one Critical and six Important, which address 20 vulnerabilities for October 2012. The Critical bulletin addresses vulnerabilities in Microsoft Word. The six Important-rated bulletins will address issues in Windows, Microsoft Office, and SQL Server. This release will also address the issue in FAST Search Server first described in Security Advisory 2737111.

As a reminder, we’ll provide the update we described in Security Advisory 2661254 through Windows Update next Tuesday. We previously made this release available through the download center for manual deployment and testing.  Releasing KB2661254 to Automatic Updates and requiring that RSA key lengths be a minimum of 1024 bits will be our final step in this effort to help customers strengthen their certificates.

As usual, we’ve scheduled the bulletin release for the second Tuesday of the month, Oct. 9, 2012 at approximately 10 a.m. PDT. For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

Thank you,
Dustin Childs
Group Manager
Microsoft Trustworthy Computing