In its forthcoming April Patch Tuesday, Microsoft will issue 11 security bulletins to address as many as 25 vulnerabilities – including two notable security flaws for which the exploit code is available publicly – pertaining to Windows, Microsoft Office, and Exchange.

Specifically speaking, the software affected by the vulnerabilities include - Windows 2000, XP, Vista, Windows 7, Server 2003, Server 2008, Office XP, Office 2003, 2007 Microsoft Office System and Exchange Server 2000, 2003,
2007, and 2010.

While 5 out of the 11 security bulletins will fix vulnerabilities that have been rated ‘critical’ by the company; 5 bulletins will fix vulnerabilities rated ‘important’; and one bulletin will address ‘moderate’ rated vulnerabilities.

The two important security advisories which have been worrying Microsoft because their exploit code is in the wild include advisory 091169 and advisory 977544.

The former, which was disclosed on March 1 and basically affects earlier versions of Windows running Internet Explorer, involves a VBScript flaw that allow remote execution of code that results in total control of the system. The latter, which dates back to November, involves a flaw in Server Message Block (SMB) protocol that facilitates a denial-of-service attack.

Meanwhile, using a new update system, Abode – which traditionally releases its quarterly security updates coinciding with Microsoft’s Patch Tuesdays – will, this time round, release its newest security updates for Reader and Acrobat.