Microsoft to fix Visual Studio, Windows flaws

Microsoft plans to release five security updates to address vulnerabilities in Windows and a flaw in Visual Studio as part of its monthly security bulletin release cycle.

Windows administrators can expect five security updates for Windows and one for Visual Studio when it releases its monthly patch update next Tuesday. Some of the flaws to be repaired are critical, the software giant said in an advance bulletin on its TechNet site.

All fixes will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool, and some updates may require a restart, the company said.

Microsoft will also update its Windows malicious software removal tool and release 14 non-security, high-priority updates. Four of the non-security updates will be available on Windows Update (WU) and Software Update Services (SUS), while 10 will be released via Microsoft Update (MU) and Windows Server Update Services (WSUS).

"Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released," Microsoft said.

Microsoft is grappling with a number of zero-day flaws, but it remains unclear which ones might be addressed Tuesday.

Two zero-day flaws surfaced this week -- one in Microsoft Word and the other in Windows Media Player.

A zero-day flaw in Visual Studio has gone unpatched since early November. It is expected that Tuesday's patch release would address the issue.

Read more on IT risk management