Microsoft said it will issue four security updates next week, only one of which is pegged as critical, to patch 22 vulnerabilities in Windows and Visio 2003.

Next Tuesday's patch lineup is smaller than June's, when Microsoft shipped 16 updates that fixed 34 flaws. The company typically delivers a lighter load in odd-numbered months. In May, for instance, Microsoft shipped just two updates -- the company calls them "bulletins" -- to patch only three vulnerabilities.

Of the four updates slated, one will be rated "critical," the highest threat label in Microsoft's four-step scoring system, while the other three will be marked "important," the second-most-dire ranking.

Next week's Patch Tuesday vulnerability count will be among the largest for the year, with its 22 bested only by April's 64 and June's 34, and tied with February's collection.

But the bugs-per-bulletins ratio is the highest for the year, observed Andrew Storms, director of security operations at nCircle Security, hinting of next week's releases.

"I think we'll see one bulletin with a very high number of vulnerabilities," said Storms. "We've seen that happen several times this year, most recently last month when it patched eight bugs in Excel with one update.

Full story: Computerworld