Microsoft Plans Three Patches Next Week

Microsoft on Thursday warned Windows users to expect three security bulletins May 9, the Redmond, Wash. company's regularly-scheduled second-Tuesday day. At least two of the three will include fixes for flaws Microsoft dubs "critical."

, while the third will resolve one or more issues in the mail software. At least one of the Windows' fixes will be tagged "critical" by Microsoft, as will the Exchange patch.

At the same time, the company will roll out a refreshed edition of its cleaning utility, Windows Malicious Software Removal Tool, and two non-security, high-priority updates via Microsoft Update (MU) and Windows Server Update Services (WSUS). By limiting the non-security updates to those mechanisms, it’s likely that they're related to Microsoft Office, or another product which MU supports.

There is a high probability that one of the Windows bulletins will be an update for Internet Explorer (IE), Microsoft's browser. Several as-yet-unpatched vulnerabilities in IE have been disclosed recently that can be exploited by attackers who draw victims to malicious Web sites, including

Included in the Exchange patch will be a , added Microsoft. Companies running RIM's Enterprise Server will be most affected by this change.

May's security bulletins will be available for manual from the Microsoft Web site, and will be pushed to users via the company's automated update services and programs, which include Microsoft Update, Windows Update, Windows Server Update Services, and Software Update Services.

As usual, Microsoft will shoot for a 10 a.m. PDT roll-out of the fixes. , Microsoft unveiled 5 patches that fixed 14 flaws; later in April, it was forced to because of conflicts with various Hewlett-Packard programs and older NVIDIA card drivers.

yahoo.com/