Patch Tuesday will bring us a total of four different security bulletins

Apr 4, 2014 05:42 GMT  ·  By

Microsoft is getting ready for another Patch Tuesday rollout, this time planning to fix vulnerabilities found in the Windows operating system and the Office productivity suite.

A total of four security bulletins will be released on Tuesday, two rated as critical and two considered to be important.

As usual, Microsoft hasn’t provided any specifics on the vulnerabilities that are going to be fixed by these new patches, but it did mention that both Windows and Office will receive one critical update. All but one version of Internet Explorer will be fixed on Patch Tuesday, as the software giant found a bug that needs to be addressed as soon as possible. Internet Explorer 10 is the only version that’s not vulnerable, the company said.

As far as Office is concerned, the critical security glitch has been found in all versions of the productivity suite, hence the critical rating offered by the parent company.

Just like it happens every month, the security updates will be delivered to computers via Windows Update, so no user input would be required if the computer is connected to the Internet.

At this point, it’s not yet clear whether Microsoft is also planning to address a recently-found bug in Word that would allow attackers to remotely execute code using a malicious RTF document.

The company has already issued a Fix It solution to help users configure their computers to remain protected until it manages to resolve the glitch, so a full-time workaround is expected to be released this Patch Tuesday.

Limited attacks have already been confirmed, so it’s critical for both users and Microsoft to see the patch getting shipped to computers running MS Word as soon as possible.

“At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer,” Microsoft recently said in a security advisory.

Users are thus recommended to avoid opening suspicious files coming from unknown sources, at least until the full patch is delivered. All versions of Microsoft Word currently supported by the company are affected by this new vulnerability, including Microsoft Word 2003 Service Pack 3, Microsoft Word 2010 Service Pack 1 and 2, and Microsoft Word 2013 in 32-bit, 64-bit, and ARM flavors.