Patch/Configuration Management, Vulnerability Management

Microsoft to fix three ‘critical’ vulnerabilities on Patch Tuesday

Microsoft plans to send out six security bulletins, three of which it has rated as "critical" (its highest severity rating), in its monthly Patch Tuesday release on July 10.

All three critical vulnerabilities can result in the takeover of users' systems, according to Microsoft's Advance Notification for July 2007. Without providing details, the company said the three "critical" issues affect Windows and Office - specifically Excel and its Microsoft .Net Framework offering.

It has rated two other vulnerabilities as "important." These affect the Publisher component of Office and XP Professional, allowing malicious code to execute on an impacted Windows PC.

Windows Vista, the latest version of Microsoft's operating system, is affected by a "moderate" vulnerability, according to the company. Microsoft said on its website that this vulnerability could lead to a data leak.

The company has released information on the upcoming Patch Tuesday on its Microsoft Security Response Center website.

In recent months, Vista - which Microsoft has touted as its most secure operating system - has required multiple patches, including its first Windows Vista-only patch in June. July's upcoming patches, as with last month's, could all allow malicious code to take over a user's PC.

Microsoft is also planning to release an update to the Microsoft Windows Malicious Software Removal Tool, four high-priority, non-security updates on Microsoft Update and one on Windows Update offerings.

Microsoft will host a webcast covering these bulletins on Wednesday, July 11, at 11 a.m. PST. Registration is available here.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.