There will be ten bulletins released by Microsoft next Tuesday and one of those should be for the recent Internet Explorer zero-day discovered earlier this week. Buletin 2 should cover the remote code execution of the IE-8 0day while Bulletin 1 will also cover RCE in IE 6 thru 10. We suspect Bulletin 1 will fix the issue discovered during the PWN2OWN competition at CanSecWest earlier this year.
Bulletins 3, 4, and 10 are in Windows itself including .NET. They are rated Important and cover Denial of Service, Spoofing and Elevation of Privilege vulnerabilities.
Bulletins 5, 6, and 7 are all rated Important and all three result in remote code execution in parts of Microsoft Office. Specifically Communicator and Lync, Publisher and Word in that order.
Bulletin 9 is also rated as Important and results in Information Disclosure in Windows Essentials. Don’t get confused with Security Essentials. Windows Essentials is a free software pack for Windows 7 that includes Mail, Movie Maker, Messenger and other useful apps that Microsoft gives away.