Microsoft is expected to release a slew of security patches Tuesday under the new monthly release cycle, including a cumulative patch to plug some known vulnerabilities in the popular Internet Explorer (IE) Web browser.
The software giant was planning to fix the IE flaws in the December release, but a company official told internetnews.com that problems during the testing phase pushed back the release date.
Still unpatched are five serious IE vulnerabilities that could lead to system takeover, exposure of sensitive information, cross-site scripting and security bypass.
In November, Chinese security researcher Liu Die Yu released details of the vulnerabilities alongside proof-of-concept exploits. The security glitches affect Internet Explorer versions 5.0, 5.5 and 6.0.