Breaking recent security tradition, Microsoft is planning to release a single patch next week as part of its Patch Tuesday update cycle.
The update is for an issue recently discovered within PowerPoint.
Although the issue was identified in April, this is the first time that it will have been patched. Last month, the firm used its Patch Tuesday to release eight updates that patched 23 vulnerabilities, making this month's single release seem somewhat insignificant.
However it is not. Microsoft described the issue in PowerPoint - versions 2000, 2002, 2003 and 2007- as critical, its highest possible severity warning.
Microsoft describes issues as 'critical' when the vulnerability is so severe that its exploitation could allow for the 'propagation of an internet worm without user action'. In its security update notification, the firm adds: "We believe that customers who use an affected product should almost always apply patches that address vulnerabilities rated critical or important."
Microsoft added: "For Microsoft Office PowerPoint 2007 Service Pack 1 and Microsoft Office PowerPoint 2007 Service Pack 2, customers also need to install the security update for Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1 and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2 to be protected from the vulnerabilities described in this bulletin."
While no other vulnerability patches are planned, Microsoft added that it would be releasing an updated version of its Windows Malicious Software Removal Tool as well as a number of other non-critical updates.
The patch is expected to be released on 12 May.
-
CIOs and CTOs are making high-stakes decisions with incomplete informationNews Architecture, governance, and investment decisions control how fast organizations can move, what risks they can handle, and which opportunities are viable
-
Nvidia touts its contribution to UK sovereign AI plansNews The latest deal sees Nebius expanding capacity in the UK with three new deployments
-
Microsoft patches six zero-days targeting Windows, Word, and more – here’s what you need to knowNews Patch Tuesday update targets large number of vulnerabilities already being used by attackers
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
Beat cyber criminals at their own gameWhitepaper A guide to winning the vulnerability race and protection your organization
-
Same cyberthreat, different storyWhitepaper How security, risk, and technology asset management teams collaborate to easily manage vulnerabilities
-
Three steps to transforming security operationsWhitepaper How to be more agile, effective, collaborative, and scalable
-
Should your business start a bug bounty program?In-depth Big tech firms including Google, Apple and Microsoft offer bug bounty programs, but can they benefit smaller businesses too?
-
Accessing the XDR realmWhitepaper A guide for MSPs to unleash modern security
