64 vulnerabilities to be patched in tomorrow's Microsoft update

The update – another record for Patch Tuesday, Infosecurity notes – beats the previous record of 49 vulnerabilities dating from October of last year and comes packaged up in 17 bulletin updates for Windows, Internet Explorer, Office, Net Framework and Office.

Nine of the fixes have been flagged up as critical, with another eight noted to be important, as well as the fact that 15 or the 17 bulletins are designed to foil remote code execution.

According to Amol Sarwate, manager of Qualys' vulnerability research lab, tomorrow's suite of patches represents a huge update "and system administrators should plan for deployment as all Windows systems including Server 2008 and Windows 7 are affected by critical bulletins."

"Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected", he says in his latest security blog.

Over at fellow security vendor Sophos, meanwhile, senior security researcher Graham Cluley describes the patch suite as a monster and that one of the vulnerabilities reportedly fixed will be the MHTML rendering flaw that was discovered earlier this year.

"Internet Explorer was one the products found to be at risk from the zero-day vulnerability that could allow maliciously crafted webpages to execute code in any zone regardless of which zone is specified", he says in his latest security blog.

According to Cluley, if you are in charge of securing your company's computers and were hoping to go out to the cinema or take your partner to a swanky restaurant on Tuesday night, you might want to rearrange your plans.

"In fact, I would suggest that you put a reminder in your calendar to never organise a big night out on the second Tuesday of each month", he explained.

What’s Hot on Infosecurity Magazine?