On the second Tuesday of the month, Redmond-based software giant Microsoft releases patches and updates for its products – which we all know as Patch Tuesday. Here is the part that you do not know: the February 2010 Patch Tuesday is going to be a big one, a really big one.

Microsoft announced that on Tuesday, the 9th of February, it will release a total of 13 security bulletins. Out of these 13 bulletins, 5 have been rated as critical. To be more precise, these 5 bulletins have been rated as critical because they allow for remote code execution. 7 bulletins have been rated as important – they allow for remote code execution, denial of service, and elevation of privilege. 1 security bulletin has been rated as moderate – it also allows for remote code execution.

The 13 security bulletins apply to the Windows operating system (OS) and the Microsoft Office productivity suite. 11 bulletins affect the Windows OS (all Windows versions), 2 affect Microsoft Office (but not Office 2007 and 2008, older Office versions). The 13 security bulletins will fix a grand total of 26 vulnerabilities.

It should be noted that the vulnerability in IE (Internet Explorer) discovered a few days ago will not be patched this Tuesday. For those of you not up to date, Microsoft recently announced that an attacker could access files with an already known filename and location if the computer user is running IE with Protected Mode turned off. “The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites,” explained Microsoft. This vulnerability affects IE6, IE7 and IE8, but the most vulnerable are XP users who have disabled Internet Explorer Protected Mode. This feature is enabled by default in Vista and Windows 7.

For additional info on this month’s Patch Tuesday, see Microsoft's Security Bulletin Advance Notification for February 2010 here.