Microsoft will release three critical security updates next Tuesday. A total of seven updates are planned. Microsoft plans to issue seven sets of security patches next week, including critical fixes for DirectX, Internet Explorer and Bluetooth wireless software for Windows.The updates are due Tuesday, the day Microsoft had previously scheduled to release its security patches. Fixes are also slated for Active Directory, the Windows Internet Name Service (WINS) and the Pragmatic General Multicast (PGM) protocol, used by Windows to stream media to many recipients. These updates are all rated “important.”A seventh update, rated “moderate,” is listed as a “Kill Bit” update for Windows. This type of patch will disable code that is known to have a security bug.“The Kill Bit will more than likely be for a third-party application,” said Andrew Storms, director of security operations with security vendor nCircle. Lately, Microsoft’s security group has had to pay more attention to software that runs on top of Windows, as attackers have increasingly looked to products like QuickTime, Adobe’s Flash and other media players when devising their attacks.Last Friday, Microsoft warned that a widely publicized flaw in Apple’s Safari browser could be combined with another Microsoft bug to let attackers run unauthorized software on a victim’s PC. It’s not clear whether Microsoft plans to patch that bug. The IE update could include a fix, although it’s unlikely that Microsoft has had enough time to run this software through its testing process, Storms said.It is unusual for Microsoft to patch Bluetooth, a protocol used to connect devices like headsets to Windows, but added that “the more interesting question is will this patch and/or the bug extend into Windows mobile where it will more than likely have a greater impact?”Microsoft announced the planned patches in a note posted to its Web site on Thursday. Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe