Microsoft is to release three bulletins on its next Patch Tuesday to cover issues in Windows and Office.
The three bulletins will cover four vulnerabilities, with one bulletin rated as critical and expected to fix a remote code execution issue in Windows. Also patched are ‘important' fixes in Windows.
Amol Sarwate, manager of the vulnerability research lab at Qualys, said: “This is a small update as compared to February in which there were a dozen updates. The critical update affects Windows XP, Vista and Windows 7, while Windows Server 2003 and Server 2008 are not affected.
“One of the important updates affects all Windows operating systems and we expect it to be for the MHTML Information Disclosure issue, which was left unpatched in last month's patch cycle (2501696).
“The other important update patches the little known Office Groove 2007 software. Overall we expect this month's Patch Tuesday to be easy for deployment for organisations and individuals.”
Alan Bentley, SVP international at Lumension, said: “Microsoft might be light on patches this month, but the short bulletin does not mean respite for businesses. But despite the clean up, there's nothing to suggest we're going to see a patch to address the recently exposed Internet Explorer zero-day vulnerability.
“Although it might be a quieter month for Microsoft, Apple on the other hand has been busy, having released a patch to address over 50 flaws with iTunes. This vulnerability impacts Apple's own products, as well as Windows products.”