Big Security Fixes Coming from Microsoft, Adobe

Microsoft plans to release fixes for twelve security bulletins tomorrow, three of which have been deemed "critical". Those who don't bother with the update could find themselves vulnerable to several remote code execution threats.

Microsoft started the year quietly with a small set of patches for its January Patch Tuesday. That's changed this month, as the company now prepares to fix three "critical" and nine "important" bulletins.

Flaws in Every Version of Windows Addressed

Arguably, the most serious issue addressed on Tuesday will be a much-needed fix for Microsoft's Internet Explorer (IE) web browser, which has recently been made vulnerable by a memory flaw in its CSS function. (Source: mcpmag.com)

The other critical bulletins are related to vulnerabilities in every version of Windows, from Windows XP to Vista, Server 2008, and Windows 7.

It's not expected Microsoft will have prepared a patch for a recently reported MHTML issue found in IE and Windows that also affects every version of the popular operating system (OS). A workaround has been released for that issue, but security experts aren't confident Microsoft has had enough time to develop a fix.

Fixes Likely Require System Restart

As for the "important" bulletins, they're associated with every version of Windows, as well as several applications, including Microsoft Office, the Visual Studio development tool, and the Visio apps.

It's expected all of the fixes introduced on Tuesday will require a system restart.

Security experts are referring to this Patch Tuesday as an important bit of "spring cleaning" on the part of Microsoft, but it's not alone in providing vital fixes this week. Adobe will also be releasing security updates for its Reader and Acrobat applications on Tuesday. (Source: ghacks.net)