Microsoft has issued an advanced security notification for the month of March 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other Microsoft branded software on the second Tuesday of every month.
This month is a light one, bringing only three bulletins, one which is labeled Critical, Microsoft's highest security rating, and the other two labeled as Important. All three patches will fix remote code execution flaws in both the Microsoft Windows operating system and in Microsoft Office.
There hasn't been any mention if a patch will be released for the MHTML vulnerability found on all supported versions of Windows. The vulnerability exists by the way MHTML interprets MIME-formatted requests, allowing an attacker to run an unauthorized script. We'll have to wait till March 8 for the patches to be released to determine if the MHTML vulnerability has been patched.
The patches will fix vulnerabilities in the following software:
- Windows XP SP3
- Windows Vista SP1 & SP2
- Windows 7
- Windows Server 2003 SP2
- Windows Server 2008 R2
- Microsoft Office Groove 2007
Some of these updates will require a restart. Affected software includes both 32-bit and 64-bit, where applicable.