A 'Critical' Patch Day For Microsoft

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Microsoft's monthly round of security bulletins cuts across several parts of the software giant's product lineup and are designed to prevent attackers from taking control of users' systems remotely.

Heading the list are three separate bulletins that, in all, address eight separate newly discovered vulnerabilities in Microsoft Office which could allow an attacker to take complete control of an affected system.

MS07-023 addresses BIFF record, set font and filter record vulnerabilities in Excel, while MS07-024 addresses array overflow, document stream and RTF parsing vulnerabilities that potentially allows remote execution of code. The last of the top three bulletins MS07-025 fixes the drawing object vulnerability in Office.

An additional two fixes address a total of 10 vulnerabilities related to Microsoft Exchange and Internet Explorer.

The other four bulletins include one that addresses four newly discovered vulnerabilities in Microsoft Exchange, MS07-026. Another, MS07-027, addresses six vulnerabilities in Internet Explorer.

The last two bulletins are MS07-028, which addresses vulnerabilities in CAPICOM and Biztalk, and MS07-029, which provides a Microsoft Windows fix.

Microsoft also announced that its monthly installment of software designed to remove malicious software from users systems is available today. Microsoft said this month's update removes Win32/Renos. The software removal tool is available here.

Security provider McAfee (Quote) said its McAfee Avert Labs worked with Microsoft (Quote) to disclose and patch the vulnerability in Word and is encouraging users to update their systems as soon as possible.

"Of particular concern is the large number of Microsoft Office, Word, Excel and Internet Explorer vulnerabilities being patched today," said Dave Marcus, security research and communications manager at McAfee Avert Labs. "These applications are the most frequently targeted by malware (define) writers, so we recommend that all customers evaluate their security coverage and policies to insure they have adequate protection in place."

This article was first published on InternetNews.com. To read the full article, click here.

Submit a Comment

Loading Comments...