Microsoft to fix 13 holes in Patch Tuesday

Security

Microsoft's Patch Tuesday will be a fairly busy one this month, with nine bulletins announced for 13 vulnerabilites.

The fixes will go out on 14 September and cover holes in numerous versions of Windows, including the new Windows 7, according to an advance notification.

Four of the bulletins have been rated as "critical," affecting Windows XP, Windows 2003 and Vista, while another five have a ranking of "important."

Two bulletins relate to Microsoft Office XP, 2003 and 2007 and carry the "important" rating.

The latter ranking is "a pretty standard rating for common file format vulnerabilities, even though they allow the attacker to take control of the affected system," said Wolfgang Kandek, chief technology officer (CTO) at Qualys.

As yet, there are no specifics on what the Redmond giant will secure, but Kandek said he expected Microsoft to fix a flaw in how Windows handles dynamic-link library or .dll files, which has been exploited by hackers in the wild.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.