As part of its security bulletin advance notification for March, Microsoft revealed Thursday that it will release...
two bulletins that will address eight total vulnerabilities.
The bulletins, each labeled "Important" by Microsoft, will affect Windows and Microsoft Office products.
The security updates will be released Mar. 9 in the software giant's usual monthly Patch Tuesday cycle.
According to a post on the Microsoft Security Response Center (MSRC) blog from Jerry Bryant, senior security communications manager for the MSRC, the upcoming patches will address vulnerabilities that would "require a user to open a specially crafted file." There are no network-based attack vectors, added Bryant.
Bryant also noted that Microsoft is continuing to monitor a VBScript remote code execution vulnerability, disclosed earlier in the week. The VBScript advisory claims that no attacks are known currently, and according to Microsoft, the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. Customers are encouraged to apply workarounds.