26 flaws fixed, millions to go
Microsoft is going to release a monster security update
for its Patch Tuesday release, repairing a total of 26 vulnerabilities in
Microsoft Windows and Office with 13 updates, five of which are ranked
"critical." According to Microsoft's advanced notification bulletin
seven are rated with the slightly less severe ranking of "important"
and one is deemed "moderate."
There are also to Microsoft Office bulletins plugging
holes in mainly older versions of Office. The Office patches won't apply to
newer versions Office 2007 and Office 2008 for Mac that come equipped with more
advanced security functions. Redmond said that there are no in-the-wild attacks
exploiting the vulnerabilities. However, Microsoft researchers advised users to
upgrade their systems with the latest software versions that incorporate
elevated security protections in order to prevent possible future attack.
"We encourage customers to upgrade to the latest
versions of both Windows and Office. As this bulletin release shows, the latest
versions are less impacted overall due to the improved security protections
built in to these products," Microsoft said in a company blog post.
Included in Tuesday's impending update is a fix for a
previously disclosed vulnerability in Windows Kernel, which Microsoft
researchers detected in January. If exploited, the vulnerability could enable
hackers to infiltrate a user's computer with elevated privileges.