Microsoft said it will distribute four security updates next week to patch five vulnerabilities in Windows and Office, as well as the bug that a Google researcher took public a month ago.

As predictable, the schedule for next Tuesday is comparatively short Microsoft has been shipping irregular large and small batches of fixes, with the larger updates landing in even-numbered months. In June, for instance, the corporation issued 10 bulletins that patched a record-tying 34 vulnerabilities. May's collection, for now, amounted to just two bulletins that fixed two faults.

"This month is light, and would have been still lighter if Tavis hadn't forced them to move earlier than their standard," said Wolfgang Kandek, the chief technology officer of Qualys. Kandek was referring to Tavis Ormandy, the Google security engineer who published assault code in early on June for a bug in Windows XP's Help and Support Center.

An aspect that permits users access and download Microsoft assist files from Web, and can be used by support technicians to commence remote support tools on a local PC. The bug, Microsoft said today, as well affects Windows Server 2003.

Ormandy has been at the center of argument as he openly disclosed the vulnerability five days after reporting it, when he said Microsoft wouldn't entrust to a patching deadline.