Microsoft tees up patches for Office, Windows

Microsoft plans to issue nearly a dozen security patches on Tuesday, including critical fixes for Office and Windows.

The company will release six updates for the operating system and four for the office suite, according to an advance notice sent out on Thursday by the software giant. Some of the patches will be deemed "critical", the company's highest severity rating. The company also plans to send out a security bulletin for Microsoft .NET that will be tagged moderate, it said.

The updates, part of Microsoft's regularly scheduled monthly patch cycle, come after sample attack code has surfaced for vulnerabilities in the Windows Shell component of the operating system. Those flaws could enable attackers to use a website to load malicious software onto systems.

The past few weeks has seen the arrival of third-party patches for the Windows Shell problem. The Zeroday Emergency Response Team, or Zert, delivered its own fix, aiming to help people protect their PCs until Microsoft issued an official update. In addition, security company Determina provided an outside patch for the same issue.

Microsoft has said it will provide a patch for the Windows Shell vulnerability in its October bunch of bulletins. It is expected to announce more details regarding the flaws once the patches are released next week.

In September, the company delivered a critical fix for Office, one of three security bulletins in that monthly patch cycle.

Dawn Kawamoto writes for CNET News.com