Microsoft has issued advance notification for the July patch on Tuesday. Four bulletins are expected.
Security bulletins will be issued for Microsoft Windows (two critical bulletins fixing vulnerabilities that could allow remote execution of code) and two for Microsoft Office (one critical and one important – both fix vulnerabilities that could allow remote code execution.)
The patches will include a fix for the vulnerability in Windows Help and Support Center (XP and Server 2003 only) that can allow execution of code from malicious Web pages or malicious links in e-mail (CVE-2010-1885). There were reports of the vulnerability being exploited after Google researcher Tavis Ormandy made public proof of concept code earlier this month.
This month also marks the end date for support for Windows XP SP2 and Windows 2000.
Tom Kelchner