Microsoft plans to release three patches on Tuesday for several of its software products, including at least two critical updates for known vulnerabilities, according to the company’s monthly security update.Microsoft will release one critical patch for its Microsoft Exchange messaging server and two patches, at least one of which is critical, for Windows.All the updates may require a restart and will be detectable using Microsoft’s Baseline Security Analyzer tool. The Windows patches also can be detected through Microsoft’s Enterprise Scanning Tool, the company said.More information about the security updates can be found on the Microsoft website. Microsoft releases security updates for its software products on the second Tuesday of every month, a day that has become known as “patch Tuesday” by security experts.Also on Tuesday, Microsoft plans to release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. However, the tool will now be distributed using Software Update Services, the company said. Microsoft will host a webcast to discuss the security updates on Wednesday at 11 a.m. PST. More information about the webcast can be found on the Microsoft website.Keep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage.By Elizabeth Montalbano, IDG News Service Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe