Microsoft plans security patch blitzkrieg

The Redmond-based behemoth known as Microsoft has confirmed that it will be issuing 11 security bulletins on Patch Tuesday to fix a whopping 25 vulnerabilities in Windows, Office and Exchange.

Five of the bulletins reportedly patch critical vulnerabilities that could allow a malicious attacker to gain control of a PC. Five others are rated “important,” while one has been dubbed “moderate.”

The updates will address two infamous security advisories that warned of (publicly available) code which could be used to exploit the above-mentioned vulnerabilities.

One of the advisories – 981169 – involves a vulnerability in (older versions of Windows and IE) VBScript that could potentially facilitate the remote execution of code and a fatal system takeover.

The second advisory relates to a gaping breach in the Server Message Block (SMB) protocol that could theoretically be exploited to permit a denial-of-service attack.

According to CNET, a number of MS products will be affected by the patches, including: Windows 2000, XP, Vista, 7, Office XP/2003/2007, Server 2003/2008, and Exchange Server 2000/2003/2007/2010.