Microsoft Patch Day Dozen

The software maker will release 12 security bulletins to cover code execution flaws in Windows, Office and Exchange.

Microsoft plans to release a dozen security bulletins June 13 to provide fixes for a wide range of critical software vulnerabilities.

The June batch of updates will include patches for a critical zero-day flaw in Microsoft Word and an Internet Explorer update that deals with the way the browser handles ActiveX controls.

A Microsoft spokesperson confirmed in an interview with eWEEK that the Microsoft Office update will offer a comprehensive fix for the Word flaw that has been exploited in targeted attacks emanating from China and Taiwan.

In the absence of a patch, the Redmond, Wash., software maker recommends that customers run Word in safe mode as a temporary measure to thwart potential attacks.

In all, Patch Tuesday will include nine bulletins to cover bugs affecting the ubiquitous Windows operating system. The highest maximum severity rating for the Windows bulletins is "critical."

One bulletin rated "important" will deal with issues in Microsoft Exchange, and two separate bulletins will cover "critical" flaws in Microsoft Office.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.