Security administrators can breathe a little easier come November’s Patch Tuesday next week. Microsoft said that it will issue only two security bulletins next Tuesday, November 15: one rated Critical and the other rated Important.
In fact, the bulletin labeled “Important” was originally slated for October, but it was bumped at the last minute. It involves a spoofing vulnerability that allows an attacker to change the address in Internet Explorer to hide the fact that the user is visiting a phishing site. It affects only Windows 2000 and Windows Server 2003 systems.
There is speculation that the “Critical” vulnerability could be the one involving Macrovision’s SECDRV.SYS driver.
However, Andrew Storms, director of security operations at nCircle Inc., noted that:
Microsoft would have to stretch its usual definition of “remote code execution” to make the Macrovision vulnerability fit the update, since both companies have been calling it a privilege elevation flaw, and thus less serious. “Microsoft sometimes seems to go back and forth about privilege elevation,” Storms said. “They might just say, ‘sure it’s an elevation, but it could also lead to remote code execution.’ Or we may just see a reversal here of the bug’s severity.”