Microsoft to fix four holes in Windows, Office

Patch Tuesday for March will include a "critical" bulletin affecting Windows and "important" bulletins for Windows and Office.

Microsoft

Contrary to last month when Microsoft plugged 22 holes on Patch Tuesday, only four holes will be fixed in the company's monthly security update roundup next week.

There will be three bulletins, one of them rated "critical" for Microsoft Windows and the other two rated "important" and affecting Windows and Office, according to the preview advisory released today.

While they are few in number, they are not to be ignored. They all involve remote code execution, which means an attacker could force code to run on a target's machine and could lead to a complete takeover of the computer.

"The upcoming Patch Tuesday includes a fix for a DLL (dynamic-link library) hijacking vulnerability in the Microsoft Groove application," said HD Moore, chief security officer at Rapid7 and chief architect at Metasploit. "This was one of the hundreds of flaws discovered last year by both Rapid7 and another security firm. I am glad to see that Microsoft is making progress on these vulnerabilities and continuing to fix affected applications."

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

The Next Big Thing

Consoles go wide and far beyond gaming with power and realism.