Microsoft will fix 23 security vulnerabilities on Tuesday (Oct. 11), including a critical flaw that could give attackers the ability to remotely spread a virus through compromised Internet Explorer and Windows users.
The software giant’s monthly “Patch Tuesday” will contain eight security bulletins for the 23 total bugs. The other critical vulnerability Microsoft will fix exists in the company’s .NET and Silverlight frameworks. The remaining six bulletins address flaws in Windows, Forefront Unified Access Gateway and Host Integration Server, and are all listed as “important,” meaning their exploitation could result in the compromise of user data.
Software affected by these vulnerabilities includes Internet Explorer versions 6 through 8, Windows 7, Windows XP, Windows Server 2003 and 2008 and Windows Vista.
Microsoft will also release an updated version of its Windows Malicious Software Removal Tool. This comes after a security slipup last week, in which two similar programs, Microsoft Security Essentials (MSE) and Forefront, were responsible for accidentally flagging Google Chrome as malware and erasing it from about 3,000 Windows systems. That flaw in MSE was quickly fixed.
Microsoft is scheduled to release the security patches at approximately 10 a.m. PDT on Oct. 11. To download the bulletins, visit Microsoft’s website if you don’t have Windows Update set to install updates automatically.