Microsoft today released a batch of 17 security updates for a Patch Tuesday that cover 64 vulnerabilities in Microsoft Windows, Office, Internet Explorer, Visual Studio, .NET Framework and GDI+.

Nine of the bugs are rated critical, while eight are important. One of the "important" bulletins includes 30 vulnerabilities in one bug, MS11-034, and they all share the same couple of root causes, Microsoft said.

Microsoft identified three vulnerabilities as its top priority bulletins for the month: MS11-020, which resolves a problem with Windows that could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system; MS11-019, another Windows bug that could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request; and MS11-018, which could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.

Also today, Microsoft introduced a Rootkit Evasion Prevention tool and Office File Validation, while was originally announced in December 2010 but is now available for Office 2003 and 2007.

Office File Validation, "which is included in Word, Excel, PowerPoint and Publisher ... will validate the file structure as it is being opened by the user," said Modesto Estrada, Office program manager. "The validation will check the file to make sure it conforms to expected Office specifications. If this process fails the user will be notified of potential issues."

The rookit tool, meanwhile, "will expose an installed rootkit and give your anti-malware software the ability to detect and remove the rootkit," said Dustin Childs, senior security program manager, MSRC. "For a rootkit to be successful it must stay hidden and persistent on a system. One way we have seen rootkits hide themselves on 64-bit systems is bypassing driver signing checks done by winload.exe."

Microsoft applauded the industry experts who worked with the company to uncover the bugs. "In total, 21 finders coordinated with Microsoft for the April release. Microsoft actively partners with the security community to assess threats and better protect customers, and April is an example of Coordinated Vulnerability Disclosure (CVD) at work," Microsoft said in a blog post.

For more details, see PCMag analyst Larry Seltzer's analysis on Security Watch.