Microsoft Releases 10 Security Patches for Windows, Excel, and IE
If you use Microsoft Windows, Excel, or their Internet Explorer browser you better watch out, because there are some large security holes that need patching. Microsoft on Tuesday published 10 software security advisories, warning Windows users and corporate administrators of 22 new flaws that affect the company’s products. Neowin.net reports that the advisories, and patches published with the bulletins, range from an “important” flaw affecting only Microsoft Windows NT Server to a collection of eight security holes, including three rated “critical,” that leave Internet Explorer open to attack. Microsoft’s highest severity rating for software flaws is its “critical” ranking, while “important” is considered slightly less severe.
One flaw, in Microsoft Excel, even affects Apple Computer’s Mac OS X. The abundance of flaws could leave corporate PCs vulnerable to attack if administrators are not able to patch quickly. A similar situation occurred in April, when Microsoft published seven advisories detailing 20 flaws. While one security hole stood out among those 20–and led to the widespread Sasser worm–there are no standouts in the current gaggle of goofs.
CRN reports that the seven critical bulletins apply to a range of Microsoft products, including Windows XP, Server 2003, Excel and Internet Explorer..
Three of the bulletins were tagged with the lesser rating of “important.” They addressed vulnerabilities in the RPC runtime library, the WebDav XML message handler and NetDDE. The RPC and WebDav XML vulnerabilities could open the door to denial-of-service attacks. The NetDDE vulnerability could allow for remote code execution, according to Microsoft.
VNUNet explains how such security holes can attrack hackers and viruses to ones computer:
The flaws, mentioned in Microsoft’s monthly security update, could allow hackers to gain control of users’ computers and steal data, using the Windows operating platform.
By exploiting the holes hackers could potentially access machines and solicit financial information or use them to distribute junk emails.
Last month, Microsoft found two new security flaws in its software, including a critical hole that has been used to spread viruses using Jpeg graphics.
Download the Microsoft Security Patches