January 2010 Bulletin Release Advance Notification

Advance Notification for the January 2010 Security Bulletin Release
It may be a new year but here in the Microsoft Security Response Center, it is business as usual. This month we have one bulletin addressing a single vulnerability in Windows. The vulnerability is critical on Windows 2000 and low for all other platforms. Customers with Windows 2000 systems will want to review and deploy this update as soon as possible but, as we will show in our release guidance next week, the Exploitability Index rating for this issue will not be high which lowers the overall risk.
I also want to proactively point out that we will not be addressing Security Advisory 977544 (Vulnerability in SMB Could Allow Denial of Service). We are still working on an update for the issue at this time. We are not aware of any active attacks using the exploit code that was made public for this vulnerability and continue to encourage customers to follow the guidance in the advisory which outlines best practices to help protect systems against attacks that originate outside of the enterprise perimeter.
As always, the bulletin (continue reading...)