Microsoft Inc.’s Patch Tuesday next week will address critical vulnerabilities in the Windows 8 and Windows RT operating systems.
The bulletin next Tuesday is one of the few for April that has a “critical impact on the current code for Windows 8, Windows RT and Windows 7 with critical remote code extension issues,” according to Paul Henry, security and forensic analyst for Lumension. “We recommend that this bulletin be your first patch and you should update Internet Explorer while you’re at it.”
Browser vulnerabilities can result in exploits being downloaded from infected Web sites that enable execution of remote code on affected machines.
There is also a second critical bulletin this month that affects Windows XP, Vista and Windows 7, but does not affect Windows 8 and RT.
Seven more bulletins are rated important, which means they could be used by hackers to compromise user data. One of these vulnerabilities affects Windows Defender, which is included in the security package for Windows 8 and Windows RT.
Another bulletin rated important could also represent one of the first reported vulnerabilities for Microsoft Office Web Apps 2010, according to Alex Horan, senior manager of Core Security.