By Joris Evers
Staff Writer, CNET News.com
December 7, 2006
As part of its monthly patch cycle, Microsoft plans to release on
Tuesday six security bulletins, at least two of them deemed "critical."
Five of the security bulletins will include fixes for vulnerabilities in
Windows, Microsoft said in a notice on its Web site Thursday. The sixth
bulletin will offer an update for Visual Studio, it said.
Microsoft has not scheduled a patch for Office. Earlier this week, it
warned that a yet-to-be-patched security hole in multiple versions of
Word--part of the Office suite--is being exploited in cyberattacks. The
software maker is working on a security update, but apparently needs
The company did not specify how many flaws Tuesday's updates will
address or in which components of Windows the holes lie. The Visual
Studio update could offer a patch for a zero-day vulnerability in the
developer tools that was made public last month.
The company has tagged the security hole in the developer tool as
"critical," its highest risk rating. Critical vulnerabilities typically
can allow a worm to spread or allow a Windows system to be fully
compromised with minor or no interaction from the person using it.
However, it did not offer details on exactly what will be fixed in
Also on Tuesday, Microsoft will release an updated version of its
Windows Malicious Software Removal Tool. The program detects and removes
common malicious code placed on computers.
Last month, the software maker delivered six security bulletins, five of
which were described as critical.
Microsoft gave no further information on the upcoming bulletins, other
than stating that some of the Windows fixes may require restarting the
computer or server.
Subscribe to InfoSec News