By Joris Evers
Staff Writer, CNET News.com
January 4, 2007
As part of its monthly patch cycle, Microsoft plans to release on
Tuesday eight security bulletins to plug holes in its software products.
The most serious problems are in the Windows operating system and Office
productivity suite, Microsoft said in a heads-up on its Web site
Thursday. Each of those two product families will get three security
bulletins, some of which will be tagged as "critical," Microsoft's
highest risk rating.
In addition, Microsoft in its advance notification separates out two
more security bulletins, one for Windows and Visual Studio and one for
Windows and Office. These will be rated "important," a notch lower on
the the company's risk ranking.
Microsoft did not specify how many flaws Tuesday's updates will address
or which components of its products will be fixed. eEye Digital Security
on its Zero-Day Tracker Web site lists a total of eight zero-day
vulnerabilities that Microsoft still has to address, with four each in
Office and Windows.
Also on Tuesday, Microsoft plans to release an updated version of its
Windows Malicious Software Removal Tool. The program detects and removes
common malicious code placed on computers.
Last month, the software maker delivered seven security bulletins, three
of which were deemed critical. Critical vulnerabilities typically can
allow a worm to spread or allow a Windows system to be fully compromised
with minor or no interaction from the person using it.
Microsoft gave no further information on the upcoming bulletins, other
than stating that some of the fixes may require restarting the computer
Subscribe to InfoSec News