Microsoft to patch "critical" security vulnerabilities on Tuesday

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Sophos said:
Patch Tuesday is bringing seven security fixes, with Microsoft deeming four of them "drop-everything-and-fix-this-now" critical.

The patches are for Windows, Internet Explorer and Office, as well as a sprinkling for Windows Server and Silverlight.

Microsoft says that four of the patches will address "critical" vulnerabilities.

"Critical" is, of course, Microsoft's highest severity rating.

It covers self-propagating malware such as network worms or common-use scenarios in which code is executed without warning or prompt, such as when users open booby-trapped email or suffer drive-by attacks from maliciously rigged webpages.

In this patch go-round, Microsoft warns that critical flaws might allow for remote code execution on Windows, IE, Silverlight and Office.

Another critical vulnerability would allow for elevation of privilege on Office and Server Software.

Flaws rated "important" could lead to elevation of user privileges or the disclosure of user data or personal information.

On Microsoft's vulnerability executive summary page, the company says that two of the patches address publicly disclosed holes - in Windows and Exchange Server.

One of those two security updates, bulletin MS13-011, addresses a Windows vulnerability that would allow remote code execution via a boobytrapped media file, such as an .mpg; an Office document, such as a .ppt file containing a rigged and embedded media file; or maliciously crafted streaming content

Read more: http://nakedsecurity.sophos.com/2013/03/11/patch-tuesday-microsoft-critical/
 

Gnosis

Level 5
Apr 26, 2011
2,779
I'll be missing out on that 4 month old patch (discoverer of bug did not report it for two months, and MSFT took another two months to prepare the patch)
LOLOL

I am an XP dinosaur, so I don't even allow Window's Update to run any longer, or to notify me.

All others should get the update, as it is a simple process, esp. if your ISP does not stink as bad as mine.
 

avastalicious

New Member
Verified
Jan 30, 2013
75
Aw ye, updates arrived on Windows 8. :)
One of the hotfixes is for Windows Defender:
Adds new malware remediation functionality to the anti-malware platform.
Adds anti-tampering improvements to the anti-malware platform.
Improves overall performance of the anti-malware platform.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Does this include the update for IE, that Avast has been pestering me about for the past couple of days?

h6eG5Ng.png


Edit: It does, I hope. Updating as we speak.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
The benefits of this, those patches could lessen the vulnerabilities for incoming at its always remedy while Linux even though rare attacks occur but more risk to vulnerabilities appeared.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top