Microsoft is gearing up to patch a couple of Critical security vulnerabilities affecting Windows Vista Service Pack 1 and Windows XP SP3 next week. Come April 14, 2009, the Redmond company will release no less than eight bundles of patches aimed at a wide range of products. In addition to Vista and XP, Microsoft also plans to plug security holes in Windows Server, Internet Explorer, the Office System, Forefront and ISA Server. The software giant did not indicate in any manner whether Windows 7, the next iteration of the Windows client, or Windows Server 2008 R2 were impacted by the vulnerabilities that put users of previous releases of the operating systems at risk.

“As part of this month’s security bulletin release process, we will issue eight security bulletins – five rated ‘Critical,’ two rated ‘Important,’ and one rated ‘Moderate.’ These bulletins address vulnerabilities in Microsoft Windows, Microsoft Excel, Internet Explorer, and Microsoft ISA Server. Depending on the bulletin, a restart may be required. The updates will be detectable using the Microsoft Baseline Security Analyzer,” revealed Bill Sisk, Microsoft Security Response, center communications manager. “As we do each month, the Microsoft Windows Malicious Software Removal Tool will be updated.”

When it comes to pre-release versions of its software products, Microsoft only provides security updates for Critical vulnerabilities. In this regard, even though the software giant said nothing about Windows 7, Windows Server 2008 R2, Vista SP2 or Windows Server 2008 SP2, the products are bound to also have fixes available next week.

Out of the two Critical security bulletins available for Vista and XP, one affects Internet Explorer 6 and IE7. Microsoft did not indicate Internet Explorer 8 among the IE versions that would be patched starting on April 14, 2009. XP, including SP3, was also vulnerable via a flaw in DirectX 9.0x, Microsoft informed. The company indicated that DirectX 10 and higher did not feature the security flaw of DX 9.0.