Microsoft to fix 25 holes in Windows, Office, Exchange
Among the holes fixed by updates on Patch Tuesday will be vulnerabilities in VBScript and SMB that are exposed to attack due to exploit code being in the wild.
Microsoft will issue 11 security bulletins in next week's Patch Tuesday to fix 25 vulnerabilities in Windows, Microsoft Office, and Exchange, including two holes for which exploit code is in the wild.
Five of the bulletins address critical vulnerabilities that could allow an attacker to take control of the computer, five are rated important, and one is rated moderate.
With the updates, Microsoft will be closing two outstanding security advisories that have been worrisome because code to exploit the vulnerabilities is available publicly.
One of the advisories is 981169, which involves a vulnerability in VBScript that could allow the remote execution of code and a complete takeover of the system. Disclosed on , it affects older versions of Windows running Internet Explorer.
The other advisory to be closed is 977544, which involves a hole in Server Message Block (SMB) protocol that could allow a denial-of-service attack and that dates back to .
Also on Tuesday, Adobe Systems will release itsfor Reader and Acrobat via a new update system. Adobe has quarterly security update releases that coincide with Patch Tuesdays.