Microsoft and Adobe to address critical vulnerabilities on Patch Tuesday
The Tuesday after the Easter weekend, 10 April, is set to be a busy one for system administrators as Microsoft and Adobe have sent out notifications that they will both be issuing fixes for critical vulnerabilities in their products.
Microsoft's April notification says there will be four critical advisories concerning Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Microsoft Server and Developer tools, which all lead to remote code execution. A fifth remote code execution vulnerability in Office is marked as important, as is a sixth information disclosure issue in Microsoft's Forefront United Access Gateway. The critical bulletins will affect all versions of Windows, from Windows XP SP3 to Windows Server 2008R2. One critical bulletin for Internet Explorer covers IE 6, 7, 8 and 9
Adobe's prenotification advisory says that high priority fixes for Adobe Reader and Adobe Acrobat 9.5 and earlier 9.x versions for Windows will be released on 10 April. Adobe places a lower priority on fixes that it will be issuing for the same versions of Reader and Acrobat on Macintosh and for Reader on Linux. It also gives that same lower priority to patches for Adobe Reader X and Acrobat X on Windows and Macintosh.