Microsoft to plug holes in Windows, IE, Word, Office, and Excel
Microsoft will issue six critical security updates and four others for Windows, Office, Internet Explorer, Word, and Excel as part of next week's Patch Tuesday.
Updated 3:30 p.m. PDT with Adobe update due on Tuesday.
Microsoft will release 10 security updates on Patch Tuesday next week, including critical patches for holes in Windows, Internet Explorer, Word, Office, and Excel.
In addition, Adobe said it will provide security updates for Adobe Reader and Acrobat versions 7.x, 8.x, and 9.x for Windows and Macintosh on Tuesday in its first quarterly security update for its popular software for creating and reading PDF files. The critical update will be detailed on Adobe's security bulletin site.
Meanwhile, the six critical vulnerabilities in Microsoft software could allow an attacker to remotely execute code on a machine, according to the Microsoft security bulletin issued on Thursday.
Three important vulnerabilities in Windows could allow an attacker to elevate privileges and one moderate vulnerability in Windows could enable information disclosure.
Affected products include Windows 2000, XP, XP Professional edition, Vista, Server 2003, Server 2008; Office 2000, 2003, 2007, and XP; and Microsoft Office 2004 and 2008 for the Mac.
Other affected software includes Office Excel Viewer; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats; Works 8.5 and 9.0; and Office SharePoint Server.
It's likely the PowerPoint vulnerability is the same one that Microsoft warned about in April and fixed in the Windows version last month.
Missing from the list of patches is one disclosed by Microsoft in its DirectX streaming media technology in Windows last week that could allow someone to take complete control of a computer using a maliciously crafted QuickTime file.