Microsoft Security Response Center (MSRC) issued details about the October security updates via Microsoft Security Bulletin Advance Notification Service.
“On Tuesday, October 11 2011, at approximately 10 AM Pacific Time, Microsoft will release eight bulletins, two Critical and six Important, to address 23 vulnerabilities — covering a range of products, including Internet Explorer, .NET Framework and Silverlight, Windows, Microsoft Forefront UAG, and Microsoft Host Integration Server, according to Pete Voss, Sr. Response Communications Manager Microsoft Trustworthy Computing.”
According to MSRC, customers running Windows 7 Service Pack 1 (SP1) will need to apply both Critical updates and another three Important patches.
Microsoft notes that while one of the Critical patches is designed to plug vulnerabilities in IE, the other comes to resolve issues impacting .NET Framework and Silverlight.
Customers running Internet Explorer 9, but also earlier versions of IE, will need to patch their browser, including in scenarios where it’s running on top of Windows 7 SP1.
The easiest way to get security updates when they’re available is to turn on Windows automatic updating. For more information about how this works, see Understanding Windows automatic updating.