Microsoft Fixes Eight Flaws In Excel, Movie Maker Microsoft (NSDQ:MSFT) released two "important" patches for its March Patch Grow lightsTuesday release, plugging eight vulnerabilities in Windows and Office, while warning users about another zero-day attack in Internet Explorer. Microsoft patched one vulnerability in Windows Movie Maker, affecting XP and Vista, which could be exploited by remote hackers to launch malicious code onto users' PCs. During an attack, a hacker could create and send a malicious Movie Maker or Producer media file to a victim -- typically delivered via e-mail. The victim would become infected with malicious code once he or she opened the file.

In the patch, Microsoft also called out Microsoft Producer 2003 in the affected products list, but failed to update the application, downplaying Producer 2003 as "a free download with limited distribution."

"Our standard approach is to produce updates that can be deployed automatically for all affected products at the same time but Producer 2003 does not offer a means for automatic update," said Jerry Bryant, Microsoft senior security communications manager, in a blog post Tuesday. "Based on our investigation, we determined that the best way to protect the vast majority of customers was to release an update addressing the components that shipped with Windows."

Bryant said that Microsoft continues to investigate security vulnerabilities in Producer 2003, but recommended that customers either uninstall the application or disassociate the project file type from the application via Microsoft Fix It, to further protect themselves from attack.

In addition, Microsoft also issued another "important" patch fixing seven security flaws in all versions of Excel, including Office 2004, Office 2008 for Mac, Open XML File Format Converter for Mac, and supported versions of Excel viewer and SharePoint 2007, which enabled hackers to launch malicious attacks Grow lightsif a victim opened an infected Excel file.