Microsoft Releases Security Patches

0
502
Spread the love

The Story:

Based on reports from MSNBC, Microsoft has recognized several bugs in its programs which include, Internet Explorer (IE) , Windows, Visio and Visual Studio.

It has issued 22 patches to fix the 13 security flaws it has recognized.

Out of the 13 different security bulletins 2 were classified as critical. This meant that if an online attacker targeted a computer, he/she could exploit the bugs to execute malicious code.

Out of the rest of the bulletins 9 were labeled as moderate and 2 as important and if left unpatched it would allow and outside party to gain privileged access to a victims computer.

Security Reports:

Internet Explorer

As per what Microsoft said in its blog on TechNet, IEs security report, showed 5 privately reported vulnerabilities and 2 publicly disclosed vulnerabilities. Despite the risk it stated that, Microsoft is not aware of any attacks leveraging the vulnerabilities addressed in this bulletin.

The IE update is critical for all platforms. It applies to all versions, from IE 6 through 9 on Windows 7, Vista, XP, 2003 and 2008.

Windows

2 vulnerabilities were exposed in Windows DNS server, Windows Server 2008 and Server 2008 R2. While Server 2003. The more severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted Naming Authority Pointer (NAPTR) query to a DNS server. Servers that do not have the DNS role enabled are not at risk.

Further Updates

Microsoft is expected to update all supported versions of Visio, .NET framework and Visual Studio 2005 development tool. It also patched a DLL vulnerability in Visio last month that could have been exploited with a remote code execution attack.

Ripples

Users, be Cautious!

Marcus Carey, a security researcher for Rapid7, said that since the preview announcement provides no details on what the actual flaw is being patched, users should limit their use of Internet Explorer to only visit trusted sites and be careful about clicking on links. His advice to users is also that, concerned users should consider using an alternate browser, such as Firefox or Chrome, until the patches are live.

Sources: AMEinfo, TechNet blogs, eweek.com

Facebook Comments