Microsoft to issue critical patch for Office on May 12

Microsoft has issues a statement saying they will issue a "critical" patch this coming Tuesday to fix a flaw in Microsoft Office PowerPoint. The single update is oddly timed, after Microsoft released eight patches to fix 23 vulnerabilities only days ago. Critical patches are the highest rating Microsoft gives to updates, issuing an urgent warning to install the needed fix.

The outstanding patch has been sitting idly by for almost a month until questions were raised on why it was missed during the latest patches. The vulnerability was reported almost a month ago, back on April 2, in Microsoft's Office PowerPoint can be triggered using rigged presentation files.

The following versions of Microsoft Office PowerPoint versions will require patching:

  • PowerPoint 2000
  • PowerPoint 2002
  • PowerPoint 2003
  • PowerPoint 2007
However, the 2007 version of PowerPoint does not contain the vulnerability, but will merely be a bug fix. The issue date for the single update will be on May 12, 2009, available to all users with Microsoft Office installed.

Report a problem with article
Previous Story

Future App Store submissions must now be OS 3.0 compatible

Next Story

Twitter's new business model: Search

8 Comments

"However, the 2007 version of PowerPoint does not contain the vulnerability, but will merely be a bug fix."

What does that mean?

From the linked article:

"Previously, Microsoft had admitted that the bug was in an older PowerPoint file format. The inclusion of PowerPoint 2007, Storms speculated, means that the new version may be affected when it tries to convert from an older format to the Office 2007 native format."

This is unbelievably confusing. May 12 is the regular Patch Tuesday for May and today is the day Microsoft regularly pre-announces it's patches. I don't understand the hoo-ha about 8 patches "only days ago." How could this patch have been "sitting idly by" for a month when it was only reported a month ago?

rdmiller said,
This is unbelievably confusing. May 12 is the regular Patch Tuesday for May and today is the day Microsoft regularly pre-announces it's patches. I don't understand the hoo-ha about 8 patches "only days ago." How could this patch have been "sitting idly by" for a month when it was only reported a month ago?

+1 I was thinking is this 'out of band'? Sure enough, patch tuesday is here again (second tuesday).

And I thought they were going to do something about their faulty implementation of the ODF spreadsheet format.

Commenting is disabled on this article.