Microsoft Releases Patches For 23 Vulnerabilities

Microsoft will be launching a bunch of updates for its Office application suite and Internet Explorer in a few hours' time; eight patches issued by the software giant will be addressing 23 vulnerabilities.

Of the eight security bulletins for this April's Patch Thursday, five have been labelled as critical; the most notable of them will take care of a zero-day flaw in Microsoft's Excel spreadsheet package that was discovered back in February 2009.

Patches numbered MS09-009, MS09-010 and MS09-012 will hopefully close a number of zero-day exploits rated as critical by Microsoft.

Various versions of Office are concerned with the latest patch release, both on Mac and Microsoft. Even Wordpad will receive an update due to the fact that it shares a vulnerability with Microsoft Word.

Commenting on the release, Wolfgang Kandek of Qualys said that it shows that there is a large number of exploits that are already available.

Out of the 23 listed, 10 already are named exploits or have proof-of-concept. This shows that hackers could still come up with malware to compromise computer systems as the patch window is shrinking.

April's roll out will also see the apparition of Internet Explorer 8 in the Automatic Update section, for XP, Vista, Server 2003 and 2008.

Users who will be going down this way won't need a cumulative security update for Internet Explorer 5, 6, and 7 released simultaneously that will fix a slew of public and privately disclosed vulnerabilities, which affect all versions of Windows.

You can follow ITProPortal.com on Twitter @ http://www.twitter.com/itproportal.

Our Comments

Don't delay, download today. It is critical that Windows users download those patches as soon as they are made available. For those on automatic updates, this should happen overnight. Chances are that hackers will be using a very short window of opportunity to try their luck.

Related Links

Microsoft patches serious Excel zero-day, Windows flaws

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1353765,00.html

MS Patch Tuesday: Software affected by security updates

http://www.thestandard.com/news/2009/04/14/ms-patch-tuesday-software-affected-security-updates

Microsoft patches 'insane' number of bugs

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9131573&intsrc=news_ts_head

Patch Tuesday addresses numerous Office and IE flaws

http://www.techspot.com/news/34270-patch-tuesday-addresses-numerous-office-and-ie-flaws.html

Microsoft Issues Eight Security Bulletins For April Patch Day

http://www.informationweek.com/news/security/app-security/showArticle.jhtml?articleID=216500673&subSection=News

Microsoft Patch Tuesday Plugs Security Holes as Hackers Circle

http://www.eweek.com/c/a/Security/Micrsoft-Patch-Tuesday-Plugs-Security-Holes-as-Hackers-Circle-317813/

Microsoft fixes Excel, carpet-bombing security flaws

http://www.itworld.com/security/66402/microsoft-fixes-excel-carpet-bombing-security-flaws

Patch Tuesday Fixes 'Critical' Excel Hole

http://www.internetnews.com/security/article.php/3815331/Patch+Tuesday+Fixes+Critical+Excel+Hole.htm

Microsoft releases a mega Patch Tuesday edition (April 2009)

http://stuff.techwhack.com/6436-april-2009-patch-tuesday

It's Windows Patch Tuesday: April 2009

http://blogs.techrepublic.com.com/window-on-windows/?p=1072

Microsoft fills Excel, Windows, Word holes

http://news.cnet.com/8301-1009_3-10219179-83.html