Microsoft Releasing some patches on 12th April

Microsoft has given advance notice of its upcoming ‘Patch Tuesday’ with fixes planned for 64 vulnerabilities, nine of which are critical and eight important. A further six are being fixed due to a hole that enables remote code execution, one which allows privilege escalation and another that can lead to information disclosure. Following the updates a mandatory restart is recommended in seven of the bulletins.

The vulnerability that is similar to server-side cross-site scripting (XSS), whereby an attacker could cause a victim to run malicious scripts when visiting various Web sites and rated as important, will be closed in this next batch of fixes. Microsoft had already issued an automated solution but this depended on users applying the patch themselves. The next release will finally close the MHTML vulnerability in Windows and the ability for attackers to launch ‘limited, targeted attacks’ though this hole.

The bulletin release is scheduled for Tuesday April 12, at approximately 11 a.m. PDT (18.00 UCT).

 Microsoft will host a webcast to address customer questions on the security bulletins on April 13, 2011, at 11:00 AM Pacific Time (US & Canada).