The Channel logo


By | John Leyden 6th March 2009 10:21

March patch Tuesday omits Excel fix

Zero-day, nada relief

Microsoft forthcoming patch Tuesday will bring no relief from an unpatched Excel flaw that's the target of active malware attacks.

The March edition of Black Tuesday promises three updates, one of which Redmond classifies as critical because it poses a code execution risk. The other two flaws involve spoofing risks and are assigned to the "important" category.

As usual, Microsoft's pre-release is thin on specifics - understandably it doesn't want to give hackers too many clues - but we do know all four cover Windows. All supported version of Windows, including Vista, will need patching.

An unpatched vulnerability in Excel has been the target of hacking attacks since late last month. A patch to defend against the underlying vulnerability would fall into the Office category, so we know it won't arrive next Tuesday and is therefore highly unlikely to appear until April. ®

comment icon Read 1 comment on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe