'Critical' Windows, Exchange fixes coming

Microsoft's "Patch Tuesday" will include three security alerts with patches for Windows and the Exchange e-mail server software.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
As part of its monthly patching cycle, Microsoft plans on Tuesday to release three security bulletins with fixes for flaws in Windows and Exchange.

The Exchange e-mail server and at least one of the Windows alerts is deemed "critical," Microsoft's highest risk rating, the software maker said in a notice posted on its Web site on Thursday. Such flaws typically allow a full compromise of a vulnerable system without any, or minimal, user interaction.

Microsoft did not specify how many flaws the updates will tackle, or say which components of Windows and Exchange are being repaired. Security researchers over the past weeks have reported several unpatched flaws in Internet Explorer, the Web browser component of Windows.

Last month, Microsoft released five security bulletins. People have reported trouble with three of them, forcing Microsoft to reissue one amended patch in the middle of its monthly cycle.

On Tuesday, Microsoft also plans to release an updated version of the Windows Malicious Software Removal Tool. The software detects and removes common malicious code placed on computers.

The company gave no further information on the upcoming bulletins, other than stating that the fixes may require restarting the computer or server.

The Redmond, Wash., software maker offers advance notification about patches so people can get ready to install the updates.

Microsoft said it will host a Webcast about the new fixes on Wednesday at 11 a.m. PT.