For security administrators responsible to deploy the latest security patches released by Microsoft November it will be a quite month.

In its latest security bulletin Microsoft said it will issue just two updates in its monthly security software release, also known as “Patch Tuesday”.

As usual, Microsoft didn’t released any details about the upcoming patches, but one of them is rated “Critical”, the highest rating on the company’s security rating scale.

The critical vulnerability allows remote code execution. It is believed that the “critical” address may address the vulnerability reported earlier this month in Macrovision SECDRV.SYS driver.

In its Microsoft Security Advisory (944653), Microsoft said: “We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process.” SECDRV.SYS driver is required in order to play games that are protected by Macrovision's SafeDisc copy-protection software.

Macrovision has released its own update to SECDRV.SYS in order to solve the problem.

The other security patch is rated as “important”  and it appears to fix a “spoofing” vulnerability in Windows that Microsoft planned to fix last month. The affected software includes Windows 2000, Windows XP, and Windows Server 2003. Windows Vista is not affected by those security patches. Last month Microsoft issued seven security bulletins.