Microsoft to patch three flaws next week

Microsoft will issue just three patches on Tuesday, as part of its monthly security update schedule.

But it won't be fixing a recently discovered flaw in Excel.

The most severe flaw being patched next week is rated "critical" and allows remote code to be executed in versions of Windows Vista, XP, 2000 and Server 2003 and 2008, according to a [a href="http://www.microsoft.com/technet/security/bulletin/ms09-mar.mspx" target="_blank" rel="nofollow"]Microsoft security bulletin[a].

The other two flaws are rated "important" and relate to spoofing in versions of Microsoft's Windows operating system.

Bill Sisk, security response communications manager for Microsoft, wrote on the Microsoft Security Response Centre blog: "We are also planning to release high-priority, non-security updates on Windows Update and Windows Server Update Services (WSUS) as well as high-priority, non-security updates on Microsoft Update and Windows Server Update Services (WSUS)."

Tuesday's update won't fix a zero-day flaw in Excel, although Microsoft has already claimed to be working on a solution to patch that vulnerability.