Microsoft will fix more vulnerabilities than any previous Patch Tuesday when it issues its monthly update list next week.
The Redmond giant said it would fix 64 vulnerabilities in 17 security bulletins on 12 April across various Microsoft products, including all versions of Windows.
Nine bulletins were rated as critical and the remaining eight ranked as important.
Notably, Microsoft has chosen to fix a zero-day MIME HTML (MHTML) vulnerability affecting Internet Explorer, which was used in targeted attacks.
In March, Google warned the vulnerability, initially reported by Microsoft in January, had been exploited in politically motivated attacks and hit "another popular social site."
The bug in MHTML a protocol used by applications to render certain kinds of documents and bring together different content onto one HTML file - was publicly disclosed back in January.
"This is a huge update and system administrators should plan for deployment as all windows systems including Server 2008 and Windows 7 are affected by critical bulletins," said Amol Sarwate, manager at the Qualys Vulnerability Research Lab.
"Frequently used office applications like Excel 2003 through 2010 and PowerPoint 2002 through 2010 are also affected."
The previous record Patch Tuesday was issued in October when 49 vulnerabilities were fixed in 16 bulletins.
Head here to see the advance notification for next week's Patch Tuesday.
-
Hounslow Council partners with Amazon Web Services (AWS) to build resilience and transition away from legacy techSpomsored One of the most diverse and fastest-growing boroughs in London has completed a massive cloud migration project. Supported by AWS, it was able to work through any challenges
-
Salesforce targets better data, simpler licensing to spur Agentforce adoptionNews The combination of Agentforce 360, Data 360, and Informatica is more context for enterprise AI than ever before
-
Security experts claim the CVE Program isn’t up to scratch anymore — inaccurate scores and lengthy delays mean the system needs updatedNews CVE data is vital in combating emerging threats, yet inaccurate ratings and lengthy wait times are placing enterprises at risk
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
-
Critical Dell Storage Manager flaws could let hackers access sensitive data – patch nowNews A trio of flaws in Dell Storage Manager has prompted a customer alert
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networksNews Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
