Microsoft said its March 2012 Patch Tuesday release will contain six bulletins, addressing seven vulnerabilities in Microsoft Windows, Visual Studio and Expression Design. According to the Microsoft Advance Notification, only one of the bulletins is rated “critical,” with four rated “important” and one “moderate.”
The only critical bulletin addresses a vulnerability in Windows that could allow for remote code execution. It is a critical fix for Windows XP, Vista and 7, and Windows Server 2003, 2008 and 2008 R2.
Bulletins 2 and 3, rated “important,” also address errors in Microsoft Windows. Bulletin 2 affects the three aforementioned Windows servers and could allow an attacker to carry out a denial-of-service (DoS) attack. Bulletin 3 is listed “important” for the three servers and operating systems previously mentioned, and could allow for elevation of privilege. The first three bulletins will require a restart.
The other “important” bulletins address a vulnerability in Visual Studio, which could allow elevation of privilege in Visual Studio 2008 Service Pack 1, Visual Studio 2010 Service Pack 1. A bulletin also addresses a flaw in Expression Design, Microsoft’s drawing and vector graphics software that enables artists to pull in work from Adobe PhotoShop and Adobe Illustrator. The issue affects Expression Design Service Pack 1, and Expression Design version 2, 3 and 4.
Bulletin 6 is rated “moderate” and is another fix for Windows that could allow an attacker to execute a DoS attack against systems running Windows 7 and Vista, and Windows Servers 2008 and 2008 R2.
The final three may require a restart.
The round of patches is set to be released Mar. 13 is significantly smaller than February’s Microsoft Patch Tuesday 2012 updates, which included nine bulletins addressing 21 vulnerabilities in Microsoft Windows, Office, Internet Explorer, .NET framework and Silverlight.