Microsoft to patch 12 flaws next week

08.02.2007
Microsoft said Thursday that it will issue a dozen security updates next week to patch critical vulnerabilities in Windows, Office and Visual Studio, as well as in its antivirus software.

Of the 12 bulletins Microsoft plans to release Feb. 13, five affect Windows; two are related to Microsoft Office; one affects Visual Studio; one impacts Windows and Office; one relates to Step-by-Step Interactive Training; one relates to the Microsoft Data Access Components; and one will patch the company's antivirus lineup, including Windows Live OneCare, Windows Defender, Antigen and Forefront.

At least five of the dozen bulletins will be pegged as "critical," the most serious ranking in Microsoft's four-step rating system.

A total of 10 high-priority, nonsecurity updates will also be posted next Tuesday, Microsoft said in its monthly advance notification.

As is its practice, Microsoft did not disclose details of the updates ahead of their release. The planned February fixes, however, appear to include at least some of the four bulletins originally slated for release last month; they were dropped from the list at the last minute. The Windows-Visual Studio update, for example, was touted by Microsoft in January but not delivered.

One of the Microsoft Office updates may be dedicated to the numerous unpatched Word vulnerabilities that have been disclosed since early December. Three bugs from that month and a fourth made public last month have already been used by attackers in limited, targeted attacks, Microsoft has acknowledged.