Microsoft plans to fix at least three Windows vulnerabilities it rates as "critical" when it releases its regular Patch Tuesday bug-fix drop next week, the company said.

This time, none of the security holes affect Microsoft (NASDAQ: MSFT) Windows 7 as they did last month, although one of them does impact Windows Server 2008, which shares a majority of its code with the new desktop operating system. Windows 7 had its official consumer launch on Oct. 22.

Also on the list for next week will be two patches for Microsoft Office, but the bugs those patches address are only rated as "important" -- the next-highest severity rating on Microsoft's four-tiered scale.

Of note, two of the patches also affect Office for Mac, including 2008. The three Office patches also impact Windows versions of Office ranging from Office XP to Office 2007.

All-in-all, though, November's patch event will be fairly tame -- coming nowhere close to October, during which Microsoft delivered its largest patch drop to date. The October Patch Tuesday release included a total of 13 patches, eight of them critical, that fixed a total of 34 flaws, including two that impacted Windows 7.

Microsoft's advance notices are meant to warn IT administrators about the types of patches they will need to prioritize and install following the next week's Patch Tuesday update.

Since Microsoft doesn't want to tip off hackers to what it will patch, however, company officials are deliberately vague in the advance notices. Therefore, notices only mention upcoming patches as numbered security bulletins, and provide little other data for security pundits to examine and provide input on in advance of the actual patch releases.

This month, the most important one is so far only known as Bulletin 3, Sheldon Malm, senior director of security strategy at Rapid7, said in a statement.

Article courtesy of