News Stay informed about the latest enterprise technology news and product updates.

Microsoft to repair 25 flaws in Windows, Office and Exchange

Eleven bulletins, five critical, will be issued by Microsoft next week.

Microsoft plans to release 11 security bulletins April 13, repairing 25 vulnerabilities in Windows, Microsoft Office...

and Exchange.

In its patch Advance Notification Service, Microsoft said five of the bulletins are rated critical. The 25 vulnerabilities affect all versions of Windows, including the latest version, Windows 7.

Jerry Bryant, senior security communications manager for the Microsoft Security Response Center, said the software giant will address two publicly known issues. A VBScript issue with Internet Explorer will be repaired. An advisory on the issue was issued March 1. The flaw could allow an attacker to run arbitrary code by tricking a user to browse to a malicious Web page and press the F1 key to access Windows Help files in Internet Explorer.

A denial of service vulnerability in the Server Message Block (SMB) protocol will also be addressed, Bryant said.

Microsoft issued an emergency bulletin March 30, repairing a zero-day vulnerability in Internet Explorer and nine other IE fixes. The zero-day vulnerability affected IE 6 and 7 and was being publicly targeted in the wild. The other fixes rolled into the bulletin address remote code execution and information disclosure flaws. Most were critical, including three Internet Explorer 8 vulnerabilities.

~Robert Westervelt

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.