Microsoft will release six groups of security patches next Tuesday, fixing flaws in its Windows OS (operating system).
With only six updates in the regularly scheduled monthly patch release, November looks to be a quieter month for systems administrators than October. Last month, Microsoft issued 10 updates, fixing 26 bugs in its Windows and Office software.
A new XML update is of particular interest to security experts because hackers have posted code showing how a flaw could be exploited to run unauthorised programs on a PC.
However, Microsoft gave no indication that it plans to patch this or another recent bug, reported last week in its Visual Studio software. That bug, known as the WMI Object vulnerability, could also allow an attacker to run unauthorised code on a victim's computer.
Because these bugs were reported recently, Microsoft has had a narrow window in which to develop patches.
"It wouldn't surprise me if neither of these are fixed this month, given how little time it seems Microsoft has had to fix them," said Russ Cooper, senior information security analyst at Cybertrust.
Either way, most users are not at great risk from the two bugs, he added. "As far as we at Cybertrust are concerned, both of these issues have been rated as hype," he said. "There is far more media attention than actual exploitation... or risk."