Welcome to the new ZDNet! Give feedback or learn more about our updated design here. Or, return to the classic view.

MS Patch Tuesday heads-up: 25 holes in Windows, Office

Five of the 11 bulletins will be rated "critical," Microsoft's highest severity rating. The flaws affect all versions of Windows, including the company's newest Windows 7 operating system.

Microsoft plans to release 11 security bulletins on Tuesday April 13, 2010 to fix 25 documented vulnerabilities that expose Windows users to remote code execution attacks.

Five of the 11 bulletins will be rated "critical," Microsoft's highest severity rating.  The flaws affect all versions of Windows, including the company's newest Windows 7 operating system.

The vulnerabilities will address security holes in Windows, Microsoft Office, and Microsoft Exchange, according to Jerry Bryant, a group manager in Redmond's security response center.

follow Ryan Naraine on twitter

Bryant also confirmed that the April batch of patches will include fixes for two publicly known issues:

[ SEE: Hacker exploits IE8 on Windows 7 to win Pwn2Own ]

The Internet Explorer flaw exploited at this year's Pwn2Own contest will not be patched this month. Microsoft typically alternates between patching OS and client software vulnerabilities which means the next IE patch isn't scheduled until May 4th, 2010 at the earliest.

Windows users can find all the affected software and severity ratings in the Microsoft's advance notice summary.

If you're on Twitter, you can receive updates from the MSRC at the new @MSFTSecResponse account.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All