All three of the critical vulnerabilities can result in the takeover of users' compromised systems, according to Microsoft's Advance Notification for July, 2007, announcement.
Without providing details, the company said the three "critical" issues affect Windows and Office, and specifically Excel, and its Microsoft .Net Framework offering.
It has rated two of the vulnerabilities as "important." These affect the Publisher component of Office and XP Professional, and could allow malicious code to execute on an impacted Windows PC.
Windows Vista, the latest version of Microsoft's operating system, is affected by a "moderate" vulnerability that Microsoft will patch on Tuesday, according to the company. Microsoft said on its website that this vulnerability could lead to a data leak.
The company has released information on the upcoming Patch Tuesday on its Microsoft Security Response Center website.
In recent months, Vista -- which Microsoft has touted as the most secure of its operating systems -- has required numerous patches, including its first Windows Vista-only patch in June. July's upcoming patches, as with last month's, could all allow malicious code to take over a Vista user's PC.
Microsoft said it is also planning to release an update to the Microsoft Windows Malicious Software Removal Tool and that it plans to release four high-priority, non-security updates on its Microsoft Update and one on Windows Update offerings.
Microsoft will host a web cast covering these bulletins on Wednesday, 11 July, 2007, at 11 a.m. PT. Registration is available here.
Microsoft to fix three 'critical' vulnerabilities on Patch Tuesday
By Jim Carr on Jul 6, 2007 9:52AM