Three critical fixes planned for Patch Tuesday

Microsoft is planning to release nine bulletins in its next monthly security update.

The company said that the July edition of Patch Tuesday, due to arrive 10 July, would bring critical security fixes for Windows XP, Vista and Windows 7 as well as an update for a critical flaw in the Internet Explorer 9 browser.

The first of the two critical Windows fixes include patches for issues which, if exploited could allow for remote code execution. Likewise, the Internet Explorer flaw could allow an attacker to remotely take control of a targeted system and install malware.

The critical vulnerability rating is the highest Microsoft issues for security vulnerabilities and is typically reserved for flaws which allow remote code execution without user notification or interaction. Such bulletins are typically considered to be high-priority deployments.

In addition to the three critical fixes, the company is planning to deliver six bulletins which have been rated as "important." The bulletins will include patches for flaws in Windows, Office, Server Software and Developer Tools.

The Important fixes will address flaws which include remote code execution, elevation of privilege and data disclosure flaws.

Paul Henry, a security and research analyst with security firm Lumension, noted that the July release would be particularly important as it covers a wide range of Microsoft products and platforms.

"One of the first things that jumps out is that these really impact the entire family of products, from XP all the way to 2008," Henry said.

"This is really a weird mix of patches, impacting both legacy and current generation software with critical issues."