It's a super-sized Patch Tuesday this month, and here's what to expect Windows Update to be sending you in the next day or so (if not already). Follow the links if you prefer to install the updates immediately.
Critical updates include:
A fix for a remote code execution vulnerability in Windows Image Color Management affects users running Windows XP, Windows Server 2003, and Windows 2000 SP4 (Windows Vista users can breathe easy on this one).
A fix for a sextet of vulnerabilities in Internet Explorer 5.01, 6, and 7 affects users of Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003, Windows Vista, and Windows Server 2008.
A fix for a remote code execution vulnerability in the ActiveX control for Microsoft Access's snapshot viewer affects Office 2000 SP3, Office XP SP3, and Office 2003 SP2 and SP3 (Office 2007 users, you ducked this one).
A fix for a vulnerability in IPSec VPN rules affects all versions of Windows Vista, Windows Vista SP1 and Windows Server 2008.
A fix for remote code vulnerabilities in Microsoft Windows Event System affects Windows Server 2000 SP4, Windows XP SP2 and SP3, all Windows XP 64-bit editions, Windows Server 2003 SP1 and SP2 (all editions), Windows Vista and Vista SP1, and all editions of Windows Server 2008.
A fix for a vulnerability in both Outlook Express and Windows Mail affects Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008.
A fix for an information disclosure vulnerability in Windows Messenger 4.7 (affects Windows XP SP2, SP3, 64-bit; Windows Server 2003 SP1, SP2, 32-bit, 64-bit, Itanium) and Windows Messenger 5.1 (affects Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 32-bit, 64-bit, Itanium).
As usual, you'll get a new version of the MS Windows Malicious Software tool and a new Windows Mail junk e-mail filter. This month, Patch Tuesday's also bringing you updates for Windows Home Server, daylight savings time updates for current Windows versions, and other fixes for various Windows versions. For details, see the New non-security contents section of KB894199.