Patch Tuesday: IE at risk of malware attacks; 57 flaws in total

Summary:In the latest round of monthly patches from Microsoft, users of Internet Explorer should jump ship for the next few days as all versions of the browser are at risk of malware attacks.

Microsoft will release 12 patches for 57 vulnerabilities next week for Windows, Internet Explorer, and Office.

A spattering of enterprise products, including Microsoft Office and Windows Server, and developer tools, such as .NET Framework, will also be patched.

Five of the updates are labeled "critical," in which malicious code can be remotely executed on users' machines. Another vulnerability that allows remote code execution is labeled "important."

The company's pre-release bulletin warns of two major vulnerabilities for Internet Explorer, which will patch a flaw allowing hackers to run remotely executed code on vulnerable machines. All versions from IE6 to IE10 are affected, including Windows RT-based Surface tablets, which will also need to be updated.

With this in mind, users are advised to switch to another browser for the next few days until the updates are released. 

While the software giant normally throws in any Internet Explorer fixes into a monthly update, next Tuesday's patches will address the severity of the vulnerabilities.

Another critical update will address a flaw in Windows XP, Windows Vista, and Windows Server 2003—but does not affect later versions of the operating system, such as Windows 7 or Windows 8.

The fourth critical vulnerability patches Microsoft's email server, Exchange, while the fifth critical vulnerability affects only Windows XP-based machines.

In other "important" updates, Microsoft will also patch SharePoint which could be subject to code injection attacks. 

Microsoft doesn't release the full details of the vulnerabilities until patches are made available. 

Microsoft's advisory notice serve as a 'get prepared' warning for the upcoming Tuesday, February 12, when the patches are released through the usual update channels, such as Windows Update.

Topics: Security, Microsoft

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.