ID: IRCNE2012051494
Date: 2012-05-09
According to "zdnet", Microsoft wheeled out another batch of security patches today to fix multiple dangerous security flaws that expose billions of Windows users to remote code execution attacks.
The Patch Tuesday batch for May 2012 covers at least 23 documented vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework and Microsoft Silverlight.
The company is urging Windows users to pay special attention to MS12-034, a “critical” bulletin that patches 10 distinct security holes.
The vulnerable code in the MS12-034 bulletin is linked to the Duqu malware.
Some details:
- MS12-034 (Microsoft Office, Windows, .NET Framework, and Silverlight): This security update resolves three publicly disclosed vulnerabilities and seven privately reported vulnerabilities in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files.
- Microsoft is also highlighting MS12-029 as another high-priority update that should be deployed immediately. This bulletin, also rated critical, addresses a security flaw in Microsoft Word that could be exploited by hackers to take complete control of a vulnerable machine. Attack vectors for this issue include maliciously crafted websites and email, the company said.
Related Links:
Microsoft’s patch for May
- 2