Microsoft today said it will patch a record 64 vulnerabilities in Windows, Office, Internet Explorer, Windows graphics framework, and other software next week, and tie a December 2010 record for the number of security updates it issues.

The 17 updates -- Microsoft calls them "bulletins" -- tie the count of December 2010. The bulletins that will ship next Tuesday will include 64 patches, Microsoft said, 15 more than the previous record of October 2010, and 24 more than the 40 of the former second-place collection of December 2010.

Of the 17 updates, 9 will be rated "critical," the highest threat label in Microsoft's four-step scoring system, while the remaining 8 will be marked "important."

"We were expecting the larger release this month, based on the normal cadence," said Andrew Storms, director of security operations at nCircle Security, referring to Microsoft's habit of issuing a larger number of updates on even-numbered months.

"But a whopping 64 CVEs is out of line with anything normal for Microsoft," Storms observed, talking about the Common Vulnerabilities and Exposures labels that identify individual bugs. "All hands on deck will be required next week."

Full story: PC World