Microsoft to deliver patches by the dozen

Slew of Patch Tuesday security updates will include "critical" fixes for Windows, Office and Microsoft's security tools.

Joris Evers Staff Writer, CNET News.com

Joris Evers covers security.

See full bio

Joris Evers

Feb. 9, 2007 2:10 a.m. PT

Microsoft on Tuesday plans to release a dozen security bulletins, including a "critical" one for its own anti-spyware and other security products.

The bulletins, part of its monthly patch cycle, will provide fixes for an undisclosed number of security vulnerabilities, Microsoft said in a note on its Web site Thursday.

The software maker plans to offer fixes for Windows, Office, Visual Studio, Microsoft Data Access Components (MDAC), and several of its security products, including its Windows Live OneCare package of antivirus, firewall and PC health tools and its Windows Defender anti-spyware.

At least four of the bulletins will be labeled "critical," Microsoft's highest severity rating. These type of security issues typically could allow an attacker to gain full control of an affected system with no or minimal action by the user.

Critical fixes are on tap for Windows, Office, MDAC and the security tools, Microsoft said. The company provided no further details on which problems it is fixing, other than that some of the updates may require a system restart.

There are 10 disclosed, but yet-to-be-patched security holes in various Microsoft products, according to eEye Security's zero-day flaw tracker. At least five flaws are known in Office and at least one in Visual Studio.

Last month, Microsoft pulled four planned security bulletins at the last moment. Those bulletins were slated to address bugs in Office.