Article

Microsoft to repair 25 flaws in Windows, Office and Exchange

SearchSecurity.com Staff

Microsoft plans to release 11 security bulletins April 13, repairing 25 vulnerabilities in Windows, Microsoft Office and Exchange.

In its patch Advance Notification Service, Microsoft said five of the bulletins are rated critical.

    Requires Free Membership to View

The 25 vulnerabilities affect all versions of Windows, including the latest version, Windows 7.

Jerry Bryant, senior security communications manager for the Microsoft Security Response Center, said the software giant will address two publicly known issues. A VBScript issue with Internet Explorer will be repaired. An advisory on the issue was issued March 1. The flaw could allow an attacker to run arbitrary code by tricking a user to browse to a malicious Web page and press the F1 key to access Windows Help files in Internet Explorer.

A denial of service vulnerability in the Server Message Block (SMB) protocol will also be addressed, Bryant said.

Microsoft issued an emergency bulletin March 30, repairing a zero-day vulnerability in Internet Explorer and nine other IE fixes. The zero-day vulnerability affected IE 6 and 7 and was being publicly targeted in the wild. The other fixes rolled into the bulletin address remote code execution and information disclosure flaws. Most were critical, including three Internet Explorer 8 vulnerabilities.

~Robert Westervelt


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: