Microsoft has readied two security bulletins for its upcoming Patch Tuesday update, set to address three vulnerabilities in its Windows operating system.
The first security bulletin has been rated 'critical' and affects all supported versions of Windows. The second bulletin is rated as 'important', and concerns only Windows Vista.
However, security fixes for two critical vulnerabilities found in Windows and Internet Explorer will remain absent from the update.
Of the vulnerabilities, the found in the Windows Graphics Rendering Engine has had its exploit code released to the public.The vulnerability was first reported during a security conference in December.
The IE vulnerability is related to the creation of uninitialised memory in a Cascading Style Sheets (CSS) function in the web browser.
The company said that it had already started seeing attacks targeting the IE flaw.
“If customers have not already, we recommend they consult the Advisory for the mitigation recommendations. We continue to watch the threat landscape very closely and if the situation changes, we will post updates here on the MSRC blog,” the company advised.