It is likely that this batch of patches will finally provide cover for well-known—and already exploited—vulnerabilities in Microsoft Excel. Microsoft plans to release four security bulletins March 11 to cover a number of remote code execution vulnerabilities affecting the Microsoft Office productivity suite. All four bulletins will be rated "critical," Microsoft's highest severity rating.
According to the software vendor's advance notice mechanism, three of the high-priority bulletins will cover holes in Microsoft Office while the fourth will deal with issues in Microsoft Office Web Components. Affected software includes Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, Microsoft Excel, Microsoft Office Outlook and Microsoft Office for Mac.