Microsoft to release massive security package to fix 40 vulnerabilities

Software giant Microsoft announced on Thursday that it would release 17 security updates next week to fix 40 vulnerabilities.

The upcoming security updates, which will be the last patch package in 2010, will fix security holes in Windows, Internet Explorer, Office, SharePoint and Exchange.

The number of upcoming security updates is unusual as Microsoft issued no more than nine updates in the past three years. Out of the total 17 updates, two are rated critical, fourteen are rated important and one is deemed moderate.

Speaking on the increasing number of security updates, Microsoft Security Response Center’s director Mike Reavey commented, “This is partly due to vulnerability reports in Microsoft products increasing slightly, as indicated by our latest Security Intelligence Report.”

The patch package will fix two publicly known issues- an elevation-of-privilege-flaw which has been used in conjunction with notorious Stuxnet worm and an Internet explorer bug that was recently used to exploit a website.

The upcoming Internet Explorer update is expected to affect all versions of the browser, with a possible exception of Internet Explorer 9 as it is still in preview mode.

The upcoming updates will bring the total security updates for this year to 106, which is a record.