Microsoft to Release 12 Security Patches Next Week, Three Critical

Software giant Microsoft (Nasdaq: MSFT) said it would release 12 security patches and software updates next week to fix 22 bugs in Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS.

The security bulletins will be released as part of Microsoft “Patch Tuesday” event on Feb.8.

Patch Tuesday is the second Tuesday of each month, on which Microsoft releases security patches.

Out of the 12 bulletins to be released, three of them rated Critical and nine rated Important, according to a post on the Microsoft Security Response Center blog.

Meanwhile, two of the updates will fix the previously disclosed vulnerabilities affecting windows graphics rendering engine and internet explorer that may allow execution of remote codes. Remote codes could allow an attacker to take complete control of an affected system.

On Jan. 4, Microsoft said it is investigating vulnerability in the windows graphics rendering engine. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user and could then install programs; view, change, or delete data; or create new accounts with full user rights.

Another Microsoft security update is expected to fix a bug affecting the internet explorer that was publicly disclosed by the company in late December.

On Dec. 22, Microsoft said it is investigating new, public reports of limited attacks attempting to exploit vulnerability in all supported versions of Internet Explorer. The main impact of the vulnerability is a remote code execution.

In addition, Microsoft will be addressing an issue affecting FTP service in IIS 7.0 and 7.5, the blog post added.