Microsoft is planning to release patches April 13 for 25 vulnerabilities affecting Windows, Office and Exchange.
Microsoft is planning a significant Patch Tuesday update April 13 to address
25 vulnerabilities across Windows, Microsoft Office and Microsoft Exchange.
In its pre-patch
April 8, Microsoft said there would be a total of 11 security
bulletins issued. Five of the 11 are rated critical and affect Windows. Of the
remaining six, all but one are classified as important. The final bulletin
is rated moderate.
"The five critical bulletins affect all versions of Windows software
that are widely being used and could therefore cause an interruption in
services affecting workflow and productivity levels ... [IT departments] should
be prepared this month and plan ahead as to how they are going to test and then
deploy these patches with minimal interruptions to employee productivity
levels," noted Don Leatham, senior director of solutions and strategy for
Among the problems addressed by the bulletins are two bugs Microsoft warned
users about in the past-the vulnerability in the SMB
reported in November, and a vulnerability
the company warned users about in March. Neither bug is
believed to be the subject of attacks.
Jerry Bryant, Microsoft's group manager of Security Response Center
Communications, also reminded users in a blog post that Microsoft
will be terminating support
for a number of products in the days and months
ahead, and urged users to migrate to supported platforms. Windows XP Service
Pack 2 and Windows 2000 will end July 13, he noted, and Windows Vista RTM will
no longer be supported after the April 13 bulletin release. Service Pack 1 will
still be supported until July 12, but customers should update to Service Pack 2
or Windows 7 at this time, Bryant recommended.