Microsoft, the Redmond based software company behind the Xbox 360 gaming console, has announced that the company will be releasing 11 security updates for 25 security vulnerabilities in its Windows, Exchange and Office software.
According to an advanced notification released by the company, the double-digit security bulletin, which will be released by the company on April 13th, 5 out of 11 security updates have been labelled as 'Critical' and are related to remote code execution affecting Microsoft Windows.
Meanwhile, five other vulnerabilities have been categorised as 'Important' and affect Windows, Office and Exchange, whereas one update is 'moderate' and is related to spoofing in Windows OS.
Interestingly, Microsoft's flagship operating system, Windows 7, will be served with 4 of the 11 security updates, which will include a patch for the recently discovered VB script F1 vulnerability in which users who pressed F1 after being prompted by a website, got malicious content injected in their PCs.
Surprisingly, Microsoft is releasing the patch for the popular OS, even though the vulnerability does not affect Windows 7 PCs.
Commenting on the unnecessary Windows 7 patch, Microsoft said in the security bulletin that “However, Microsoft recommends that customers of this software apply this security update as a defense-in-depth measure.”
This is a big update and one which is likely to solve quite a few timebombs. Microsoft has its sights set on Internet Explorer 9 and delivering Windows Phone 7 by the end of the year but it would be ludicrous if it chose to ignore its two main cash cows; Windows and Office.