- V3 Apps
Microsoft said that it will be releasing critical fixes for Windows and Internet Explorer in its April security update.
The company said that the next edition of 'Patch Tuesday,' set to be released 9 April at approximately 1800 GMT, would only contain a pair of bulletins rated with its highest security alert level.
The first critical bulletins will address flaws deemed critical in Internet Explorer for Windows XP, Vista, Windows 7 and Windows 8. Those vulnerabilities are only considered 'moderate' risks in Windows Server systems.
The second critical bulletin will be likewise considered a 'critical' flaw for all supported desktop versions of Windows prior to Windows 8 and 'moderate' for Windows Server deployments. The vulnerability is not present in Windows 8 systems.
Microsoft said that, if targeted, the vulnerabilities addressed by the bulletins could allow an attacker to remotely execute code on a targeted system.
In addition to the critical fixes, Microsoft said that it would be releasing a total of seven flaws rated as 'important' security risks. The impact of those vulnerabilities includes elevation of privilege, denial of service and information disclosure.
Security vendors said that while the April release is low on critical updates, the glut of lower-priority fixes could still prevent problems for administrators.
"While only two of the announced patches are actually critical, as a security professional, I find the sheer volume of patches this month to be noteworthy," Core security senior product manager Alex Horan.
"Large numbers of updates lead to more administration and ultimately delays. This can allow critical vulnerabilities to be exploited while less significant concerns simply cloud the security picture."