Microsoft's monthly release of security updates is this coming Tuesday, April 13, and is set to deliver 11 patches to address vulnurabilities in various bits of its software. Five of the patches are marked as critical, the highest severity rating by Microsoft, and another five as important.
All five of the critical fixes are for Windows, along with three of the important fixes and one moderate one. The rest of the patches affect Office or Exchange Server, and all of the updates apply to even the most recent versions of Microsoft's software and operating systems (for example, Windows 7, Office 2007, Server 2008 R2 and Exchange Server 2010).
This is a larger batch of patches than is usually released by Microsoft, and they are designed to fix remote code execution, elevation of privilege, denial of service and spoofing vulnerabilities.
The following software is affected:
- Windows 2000 SP4
- Windows XP SP2 & 3
- Windows XP Professional (64-bit) SP2
- Windows Server 2003 SP2 (32-bit and 64-bit, Itanium)
- Windows Vista, SP1, SP2 (32-bit and 64-bit)
- Windows Server 2008, SP2 (32-bit and 64-bit, Itanium)
- Windows 7 (32-bit and 64-bit)
- Windows Server 2008 R2 (64-bit and Itanium-based systems)
- Office XP
- Office 2003
- Office 2007
- Exchange Server 2000
- Exchange Server 2003
- Exchange Server 2007
- Exchange Server 2010
As usual, there will also be an updated version of the Windows Malicious Software Removal Tool released.