News Stay informed about the latest enterprise technology news and product updates.

Microsoft to issue 'critical' patches Tuesday

After a patch-free March, Microsoft says to expect eight updates Tuesday to fix critical security holes in Windows, Office, MSN Messenger and Exchange.

If you were hoping to get by without patching your Windows systems for a second month in a row, prepare to be...


Microsoft said on its TechNet site that a sizable batch of updates will be issued Tuesday to plug security holes in Windows, Office, MSN Messenger and Exchange. The software giant won't offer details on the vulnerabilities until then, but it does expect to release:

  • Five bulletins affecting Windows, some or all of them for critical flaws;
  • One critical bulletin affecting Microsoft Office;
  • One critical bulletin affecting MSN Messenger; and
  • One critical bulletin affecting Microsoft Exchange.

That day the company also plans to release an updated version of the Windows Malicious Software Removal Tool on Windows Update and the Download Center and two "non-security high-priority" updates for Windows on the Windows Update site.

It's unclear if any updates will address two critical vulnerabilities in Internet Explorer, Outlook and other Microsoft programs brought to light April 1 by Aliso Viejo, Calif.-based eEye Digital Security.

eEye said the first vulnerability "allows malicious code to be executed, contingent upon minimal user interaction," and affects Internet Explorer, Outlook and "additional miscellaneous titles." Operating systems affected are all versions of Windows NT 4.0, Windows 2000 and Windows XP. It remains to be determined if Windows 2003 is affected, the firm said.

Related information

Critical flaws in IE, Outlook

Linux lags Windows in security report

The second vulnerability has the same damage potential and also affects IE and Outlook, though it's still unclear which versions of the Windows operating system are vulnerable.

A Microsoft spokeswoman confirmed Friday that the company is investigating the flaws eEye brought to its attention.

IT administrators got a rare break from Windows patching last month. The last time Microsoft skipped a month of patch releases before that was December 2003.

Dig Deeper on Microsoft Patch Tuesday and patch management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.