Microsoft to release four security patches on Tuesday

Two security patches coming from Microsoft on Patch Tuesday are rated critical and affect Windows, IE, and Exchange Server.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Feb. 5, 2009 3:01 p.m. PT

Microsoft will be releasing four security updates on Tuesday, including two that are critical affecting Windows, Internet Explorer, and Microsoft Exchange Server, the company said on Thursday.

The critical updates affect Windows Internet Explorer 7, Windows XP Professional Edition, Windows Vista, Microsoft Exchange 2000 Server, Exchange Server 2003 and Exchange Server 2007, according to the alert.

Two other updates rated important affect SQL Server 2000, SQL Server 2005 and Office. The vulnerabilities could allow for an attacker to remotely execute code on an unpatched system.

Microsoft will release the security updates on Patch Tuesday, the second Tuesday of the month. The company provides advance notification for customers to alert them as to the software affected but keeps the details vague to prevent exploits from being developed.