Microsoft is lining up four security updates - two of which earn the dread rating of critical - for the February edition on its regular monthly Patch Tuesday update cycle.

February 10 promises the release of critical patches for Internet Explorer and Exchange Server. The other two bulletins are due to cover security fixes for its Visio graphics software and SQL Server defined as "important" by Redmond even though they each pose a code injection risk, something that would normally earn a critical rating.

The IE update is critical for Vista and XP and moderate for server systems. The fix is unnecessary for Windows 2000.

Details of the flaws covered by the updates are being held back until the availability of the update on 10 February, as explained in Microsoft's pre-alert advisory here. Microsoft also plans to publish an update of its malicious software removal tool next Tuesday. ®

Related stories

• Critical kernel fix stars in Patch Tuesday updates (11 March 2009)
• March patch Tuesday omits Excel fix (6 March 2009)
• Solitary MS update lances critical Windows risk (14 January 2009)
• Oracle patch batch eclipses Microsoft Patch Tuesday (9 January 2009)
• MS (finally) confirms unpatched SQL Server flaw (23 December 2008)
• Microsoft issues emergency IE patch as attacks escalate (17 December 2008)
• Bumper MS patch batch spells client-side misery (10 December 2008)