In a fresh bid to thwart hackers from exploiting unpatched vulnerabilities in its Windows and Office software, Microsoft plans to issue a total of 11 security updates next Tuesday.
No one's safe till Tuesday
Some of the Office and Windows updates will be for critical flaws that could be exploited by attackers with no action on the part of users. Six of the patches will be for Windows, and four of them will be for Office, Microsoft said yesterday in a note on its website.
The 11th update will be for a flaw in Microsoft's .Net framework, which is considered less severe than the critical Windows and Office patches.
Hackers have been keeping Microsoft's Security Response Center busy this past month.
Microsoft generally issues its security patches on the second Tuesday of every month, but last week the company was forced to issue a rare, "out-of-cycle" security patch after criminals began exploiting a flaw in Internet Explorer's VML (Vector Markup Language) rendering engine.
And security experts have also warned of cyberattacks based on unpatched flaws in PowerPoint, Word 2000 and in an ActiveX control (called WebViewFolderIcon) used by the Windows' graphical user interface software.
The WebViewFolderIcon flaw will be patched Tuesday, Microsoft said. Attacks that take advantage of this flaw have been seen on the Internet, the SANS Internet Storm Center warned earlier this week.