Just like in August, Microsoft is releasing a series of eleven security updates, four of which are market critical – the highest threat rating. The bugs being fixed this time are for Windows, Active Directory, Internet Explorer (IE), Office and Host Integration Server.

This month’s advance notification is business as usual for Microsoft, releasing some general and very basic information such as which programs and components thereof are affected and the severity of each bug. The total of 11 bulletins covers four critical level security issues, six important issues, and one moderate.

Seven of the eleven patches, including all four of the critical ones, are tagged with the ‘Remote Code Execution’ label by Microsoft, which means that the vulnerabilities that they address have the potential to allow an attacker to execute malicious code on a victim’s machine. This is usually done by means of convincing the victim to open an e-mail attachment or to visit a specially crafted website.

The critical bugs target Active Directory, IE, Excel and Microsoft Host. The Active Directory patch will only apply to Windows 2000 Server, and it should be noted that this particular component has already been patched several times during the last few months, most recently in June when a problem in LDAP requests was fixed.

Considering the versions were affected, the Excel update will likely fix a file format bug. Both the Windows and Mac versions of the program will have to be patched, according to the notice, and whenever this has happened in the past, it has usually been a file format issue.

Microsoft will release the 11 security updates at approximately 1 p.m. EST on Oct. 14, what’s colloquially known as Patch Tuesday.