Microsoft announced today it will release 17 security bulletins on the April 12 Patch Tuesday which will address a total of 64 vulnerabilities. Nine bulletins are rated as critical and the remaining eight are rated as important. The vulnerabilities affect MicrosoftWindows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework and GDI+. Microsoft will provide a fix for the MHTML vulnerability which we discussed earlier and more details are included in Security Advisory 2501696. Microsoft will also include a fix for the SMB Browser issue that was publicly disclosed on February 15.
This is a huge update and system administrators should plan for deployment as all windows systems including Server 2008 and Windows 7 are affected by critical bulletins. Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected.
-Amol Sarwate, Manager, Vulnerability Research Lab, for Qualys