Eight updates for Microsoft's forthcoming April Patch Tuesday
Microsoft mentions a total of eight updates in its advance notification for the forthcoming Patch Tuesday. Critical security issues which, according to the notification, may allow attackers to remotely execute malicious code, are to be fixed in various Windows components, including DirectX, as well as Internet Explorer and Microsoft Office. Redmond's information suggests that the hole in Excel, not covered by the Patch Tuesday updates in March, will also be fixed.
Two further Windows updates – the MSDTC (Microsoft Distributed Transaction Controller) component was mentioned – are to prevent local users from escalating their access privileges. A patch for Forefront is to fix a vulnerability which allows attackers to put Microsoft's own security software out of action. Most of the patch packages require a system reboot to become effective. The hole in PowerPoint Microsoft warned of in early April, seems to remain unpatched.
- Microsoft Security Bulletin Advance Notification for April 2009, Microsoft's April Patch Tuesday notification.