Microsoft said it plans next week to release 10 security bulletins, including three critical ones, to repair 34 vulnerabilities in Windows, Office and Internet Explorer.
The software giant on Thursday issued its advanced notification of its planned "Patch Tuesday" software updates. Six of the bulletins affect Windows, including two that are rated as critical and could allow attackers to execute code remotely. Another critical bulletin affects Internet Explorer and could also allow remote code execution.
The rest of the updates affecting Windows and Office are rated as important and could lead to elevation or privilege and remote code execution, Microsoft said. The company advised customers to prepare for the testing and deployment of the updates as soon as possible.
Microsoft said it plans to address a reported vulnerability in Internet Explorer for users running Windows XP or who have disabled Internet Explorer Protected Mode, and close its advisory about a vulnerability in its SharePoint content management server.
Last month, Microsoft issued two critical bulletins to correct vulnerabilities in Outlook Express and Visual Basic that could be remotely exploited.
In Thursday's advance notification, Jerry Bryant, response communications group manager at Microsoft, reminded Windows 2000 and Windows XP SP2 users that all support for those platforms will end after July 13. "Customers should upgrade to either a supported operating system or the latest service pack in order to keep receiving necessary security updates," he said.