Security administrators should have a pretty easy time of it next Tuesday as Microsoft says it will issue just two updates in its monthly security software release.
Microsoft said next week's updates will include a critical update for the Windows operating system as well as a less-serious 'important' Windows update.
Microsoft has been working on a fix for buggy antipiracy that has been shipping with Windows for the last few years and security experts believe that this will be one of the flaws fixed next week. The bug lies in the secdrv.sys driver built by Macrovision that ships with Windows XP, Server 2003, and Vista, but Vista is not vulnerable to the problem, according to Microsoft.
The software vendor is aware of 'limited attacks' that exploit this vulnerability to get elevated privileges on a victim's machine.
Users who are concerned about the vulnerability can remove the secdrv.sys driver, but this software is required in order to play games that are protected by Macrovision's SafeDisc copy-protection software.
The second update appears to fix a 'spoofing' vulnerability in Windows that Microsoft had planned to fix in October, but which was pulled at the last minute.
As is customary, Microsoft didn't say what exactly it will be fixing in next week's updates, but the company did say that the critical update will be for Windows XP and Server 2003 users, while the important update will be for Windows 2000, and Windows Server 2003.
Two sets of patches is far fewer than normal for Microsoft. Last month, Microsoft released six security updates.