Microsoft on Thursday said it would deliver nine security updates next week, four of them critical, to patch 21 vulnerabilities in Windows, Internet Explorer, Office, .Net, and Silverlight.

This year's February Patch Tuesday will feature three fewer updates and one less patch than 2011's.

Four of the nine updates were tagged "critical," the highest threat ranking in Microsoft's four-step system, while the other five were marked "important," the second-level rating. All of the critical updates and two of those pegged important will patch bugs that Microsoft admitted could be exploited by attackers to hijack computers and plant malware on PCs.

One interesting thing in today's advance notification, said Andrew Storms, director of security operations at nCircle Security, was the impact on Windows Server 2008 R2, Microsoft's newest server operating system.

"Seven Windows- and IE-related bulletins are applicable to Server 2008 R2, but Windows XP [32-bit] has only four. It's another lopsided month," said Storms, referring to past Microsoft claims that older software receive more security updates than newer titles.

Full story: InfoWorld