Microsoft Preps 17 Security Bulletins For Patch Tuesday

If everything proceeds as planned, this month's Patch Tuesday release would be the biggest of the year so far. Of the 17 security bulletins, nine have Microsoft's highest rating of "Critical"; the other eight are rated "Important" According to Microsoft's pre-patch advisory, besides Windows and Internet Explorer the bulletins will also address issues in Microsoft Office, Visual Studio, the .NET Framework and GDI+.

"This month we'll be closing some issues that Microsoft has already previously spoken to, including the SMB Browser (Critical) issue publicly disclosed Feb. 15," blogged Pete Voss, senior response communications manager with Microsoft Trustworthy Computing. "Microsoft assessed the situation and'reported'that although the vulnerability could theoretically allow Remote Code Execution, that was extremely unlikely.'To this day, we have seen no evidence of attacks."

The company is also planning to fix the MHTML vulnerability in Windows it first issued an advisory on back in late January, Voss added. The company has seen limited, targeted attacks going after the flaw.

"This is a huge update and system administrators should plan for deployment as all windows systems including Server 2008 and Windows 7 are affected by critical bulletins," blogged Amol Sarwate, manager at the vulnerability research lab at Qualys'. "Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected."

The Patch Tuesday update is scheduled for release April 12 at approximately 10 a.m. PDT.