Microsoft to patch security vulnerabilities on Tuesday – including some rated as “critical”

Microsoft to patch security vulnerabilities on Tuesday - including some classed as "critical"

Patch Tuesday is bringing seven security fixes, with Microsoft deeming four of them “drop-everything-and-fix-this-now” critical.

The patches are for Windows, Internet Explorer and Office, as well as a sprinkling for Windows Server and Silverlight.

Microsoft says that four of the patches will address “critical” vulnerabilities.

Emergency. Image from Shutterstock

“Critical” is, of course, Microsoft’s highest severity rating.

It covers self-propagating malware such as network worms or common-use scenarios in which code is executed without warning or prompt, such as when users open booby-trapped email or suffer drive-by attacks from maliciously rigged webpages.

In this patch go-round, Microsoft warns that critical flaws might allow for remote code execution on Windows, Internet Explorer, Silverlight and Office.

Another critical vulnerability would allow for elevation of privilege on Office and Server Software.

Flaws rated “important” could lead to elevation of user privileges or the disclosure of user data or personal information.

On Microsoft’s vulnerability executive summary page, the company says that some of the critical patches relate to Mac users as well as Windows.

Hackers exploiting that vulnerability could gain the same user rights as the current user.

Of course, as soon as Tuesday comes, malicious hackers will be glued to their screens. They’ll be checking out Microsoft’s patches and will get to work on code to exploit computers whose owners or system administrators haven’t patched, pronto.

As for the vulnerabilities that have been publicly disclosed, well, those attackers have that much more of a head-start.

This month, as with every Patch Tuesday, the longer you wait to apply the security patches, the more time attackers will have to finesse, and launch, their attacks.

So don’t delay: patch as soon as possible.

On the surface of it, March doesn’t look half as gnarly as the monster-sized 57 updates that Microsoft dumped on our doorsteps in February.

But numbers don’t tell the whole story. For every corporation, every patch brings the possibility of conflicts.

So this week, tiptoe gently around the support people. Lord knows they’ll be busy making sure the place stays afloat.