Microsoft pushed out a series of five patches for Vista early this week.

The updates (http://isc.sans.org/diary.html?storyid=3334) - two of which were rated important, two are recommended and one optional - took security observers by surprise because they were released outside Microsoft's normal Patch Tuesday update cycle.

The "important" updates, released on Tuesday, address Daylight Saving Time changes that come into effect in the US this year and flaws in Vista's Background Intelligent Transfer Service (BITS), a windows component that manages file transfer using idle network bandwidth. A brace of updates released on Thursday and last Saturday address various performance and reliability issues in Windows Vista. Finally, Microsoft is distributing an "optional" patch from AMD that deals with vulnerability in the Catalyst installer component.

None of the updates is on the critical list so we are a bit puzzled why they couldn't have waited until Patch Tuesday. Microsoft's monthly patch schedule was created, after all, to give customers a better idea of when Microsoft was likely to publish updates. Quizzed on the point, Microsoft provided us with a statement which does not address the timing issues, but clarifies that the updates involve "incremental fixes" that are narrow in scope., which sounds very much like patches by another name.

Microsoft's statement said: "On Tuesday, Microsoft released new reliability/compatibility hotfixes (KB938194 and KB938979) via Windows Update. The updates are a collection of fixes made to address a small set of reliability and performance issues. These updates provide incremental improvements (or fixes) to the most common issues—but in general, these improvements or fixes are very narrow in scope. For more information, please go to the Windows Update home page."

The next edition of Microsoft's Patch incremental fixes Tuesday falls on 11 September. ®

Related stories

MS preps critical Vista patch for Tuesday (4 January 2008)
http://www.channelregister.co.uk/2008/01/04/ms_patch_tuesday_pre_alert/
Fight malware by upgrading to Vista, urges MS (23 October 2007)
http://www.channelregister.co.uk/2007/10/23/rsa_vista_security_pitch/
Dutch Consumer Association declares war on Vista (13 October 2007)
http://www.channelregister.co.uk/2007/10/13/dutch_consumer_association_declares_war/
Windows XP repair disk kills automatic updates (29 September 2007)
http://www.channelregister.co.uk/2007/09/29/windows_update_flap/
Microsoft shouts 'Long Live XP' (28 September 2007)
http://www.channelregister.co.uk/2007/09/28/microsoft_xp_deadline/
Vista attacked by 13-year-old virus (17 September 2007)
http://www.channelregister.co.uk/2007/09/17/vista_hit_by_stoned_angelina/
Microsoft dispels rumors of stealth Windows updates (14 September 2007)
http://www.channelregister.co.uk/2007/09/14/microsoft_dispels_stealth_update_rumors/
Microsoft serves light fare on Patch Tuesday (11 September 2007)
http://www.theregister.co.uk/2007/09/11/modest_offerings_for_september_patch_tuesday_/
MS lawyers take out AutoPatcher (30 August 2007)
http://www.channelregister.co.uk/2007/08/30/autopatcher/
Microsoft promises less-annoying Vista OS early next year (29 August 2007)
http://www.channelregister.co.uk/2007/08/29/microsoft_trumpets_vista_sp1/
Microsoft delivers critical fixes for Windows, IE and Excel (14 August 2007)
http://www.channelregister.co.uk/2007/08/14/august_patch_tuesday/
ATI driver flaw exposes Vista kernel (10 August 2007)
http://www.channelregister.co.uk/2007/08/10/ati_driver_snafu/
False positives run amok in Vista anti-virus tests (3 August 2007)
http://www.channelregister.co.uk/2007/08/03/64bitvista_av_tests/
First Vista service pack beta for 07 (1 August 2007)
http://www.channelregister.co.uk/2007/08/01/windows_vista_sp1/
Vista and IE 7 to receive 'critical' fixes on Patch Tuesday (7 June 2007)
http://www.channelregister.co.uk/2007/06/07/microsoft_june_patch_tuesday/
Vista joins MS patch treadmill (18 August 2006)
http://www.channelregister.co.uk/2006/08/18/vista_security_update/