Microsoft will be releasing their November round of security patches next Tuesday (14 November), and have advised that there will be six patches to be released. It is already known that one of the patches is for an issue that has been under active attack for several days – the MS XML 0-day vulnerability that was initially disclosed a week ago. Unsurprisingly, Microsoft have identified that this patch is a Critical update, which is their most serious vulnerability rating.
Besides the MS XML patch, there will be five patches for other issues within Microsoft Windows, with at least one patch also rated Critical by Microsoft. Although Microsoft have not identified what elements of Windows will be receiving an update, they have hinted at upcoming patches for Internet Explorer (including the just-released IE 7), and there have been other serious vulnerabilities that have been under active attack for several weeks. This means that Wednesday (dubbed 0-day Wednesday by some) the 15th of November is likely to not see a lot of new exploit code posted / released to the world, as there are plenty of current examples of unpatched critical vulnerabilities.
There are many...