News Stay informed about the latest enterprise technology news and product updates.

Microsoft to address 22 flaws in Patch Tuesday updates

In its advance notification, Microsoft said it would issue 12 bulletins, three critical, addressing holes in Windows, Internet Explorer, Office, Visual Studio and IIS.

Microsoft will issue 12 bulletins, three critical next week as part of its regularly scheduled Patch Tuesday round...

of updates, repairing holes across its product line.

In its February Advance Notification, the software giant said it would patch 22 vulnerabilities, addressing issues in Microsoft Windows Internet Explorer, Office, Visual Studio and IIS. The updates are scheduled to be released Feb. 8 at 1 p.m. ET.

Included in the February batch of patches is an update to repair a publicly disclosed vulnerability in its Windows Graphics Rendering Engine, which could be used in drive-by attacks. The flaw is in the way Windows accesses an object to run an application. A malicious thumbnail image can cause the Graphics Rendering Engine to fail. The maintainers of the Metasploit Framework created a module for the zero-day flaw last month, though there have been no reports of ongoing attacks targeting the vulnerability.

Microsoft is also addressing a serious memory bug in Internet Explorer that could be used by attackers to remotely execute malicious files. The flaw is in the Cascading Style Sheet (CSS) function within Internet Explorer surfaced in late December. An automated fix-it was issued and temporarily prevents the recursive loading of CSS stylesheets.

~Robert Westervelt

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.