Patch/Configuration Management, Vulnerability Management

Trio of fixes due on Patch Tuesday

Microsoft said today that it plans to release three patches Tuesday as part of its monthly update, including one designed to fix a zero-day vulnerability in Microsoft Office.

The software giant also will issue an update for the Windows Malicious Software Removal Tool (MSRT), according to a notification bulletin released this afternoon.

Of the three security updates, two address "important" flaws in Windows, while the Office bug is deemed "critical."

The flaw, reported in Microsoft Word 2000 when running on Windows 2000, is caused by an unspecified error that occurs when a computer processes Word documents, according to vulnerability monitoring firm Secunia. The vulnerability is exploited when a malicious document is opened, dropping a trojan and allowing the intruders to remotely execute arbitrary code and compromise a user's PC.

Last month, Microsoft issued 12 patches, among the second-highest total ever.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.