Microsoft's July batch of patches will include critical fixes for bugs in Windows and Office; an Excel spreadsheet fix is expected.
Microsoft plans to release seven security bulletins on July 11 to cover a range of critical vulnerabilities affecting Windows and Office users.
Four of the seven bulletins will include patches for flaws in the Windows operating system, while three will deal with bugs in the Microsoft Office productivity suite.
As is customary, the company is not releasing details on the vulnerabilities except to say that the updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
That flaw is already being used in targeted attacks against an unidentified business interest, Microsoft confirmed.
The Excel attack includes the use of Trojan horse program called Trojan.Mdropper.J that arrives as an Excel spreadsheet with the file name "okN.xls."
When the Trojan is executed, it exploits the Excel flaw to drop and execute a second piece of malware called Downloader.Booli.A. It then closes Microsoft Excel.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.