Microsoft is to release three sets of security updates next week, fixing at least one critical Windows bug.
The software vendor that the most serious of these updates fixes a bug that could be used to install malicious software on a victim's computer on any supported version of Windows. The other two Windows updates fix flaws that are not considered to be quite so dire, and one of these two important fixes does not affect Windows XP or Vista users.
Microsoft releases its security updates on the second Tuesday of each month, a day known as Patch Tuesday. This month's early notification makes one thing clear: A highly publicized Excel bug that has been used in a small number of targeted attacks will not be patched this month.
Given that the Excel bug was reported to Microsoft just weeks ago, it's not surprising that Microsoft has not had time to fully test and release a bug-fix, said Andrew Storms, director of security operations with security vendor nCircle. Still, the fact that users will have to wait another month for protection is "disappointing," he said.
Microsoft has a couple of other software bugs to fix in addition to the Excel issue. In December, the company acknowledged a security issue in its WordPad Text Converter that affects older versions of Windows.
There is also another unpatched Windows issue that has been lingering since April of last year. Storms said it's possible that Microsoft could fix that vulnerability - which allows attackers to get elevated user privileges on a victim's system - next week.