The software giant said one of the seven bulletins addresses critical vulnerabilities in Word.
Next week's monthly patch batch from Microsoft is not very burdensome, but it includes a new requirement that certificates must contain RSA key lengths of more than 1,024 bits.
Microsoft is prepping fixes for 10 vulnerabilities, with researchers' expecting the highest-priority fixes to involve issues in Internet Explorer and Exchange.
A Windows vulnerability that Microsoft patched back in April continues to be used in targeted attacks against political, industrial and defense organizations.
In addition to 15 other vulnerabilities, Microsoft plugged a gaping Core XML Services hole that was being used in active exploits being foisted through Internet Explorer.
Microsoft's monthly security update will be comprised of nine fixes to address 16 vulnerabilities, but it is unclear if a zero-day vulnerability in XML Core Services, which is under active exploit, will be remediated.
As part of its regularly scheduled patch release, Microsoft issued fixes for gaping vulnerabilities in Internet Explorer and Remote Desktop Protocol. The software giant also released a new feature that, in the wake of the Flame virus, enables certificates to be automatically updated.
The fixes are set to address 25 vulnerabilities, covering Windows, Internet Explorer, Visual Basic for Applications, Dynamics AX and the .NET Framework.
Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.
Microsoft on Tuesday plans to dispense seven patches to correct 23 security vulnerabilities.
Administrators better hurry to patch at least one vulnerability, in Windows Common Controls, that is being used in limited but targeted exploits.
Get ready IT administrators: Scheduled patches from Microsoft -- and Adobe -- are set to arrive on Tuesday.
A severe vulnerability in the Remote Desktop Protocol, which was patched by Microsoft on Tuesday along with six other bugs, affects all versions of Windows and could result in a worm.
Microsoft next week plans to release six patches, including one for a "critical" vulnerability affecting all supported versions of the software giant's operating system.
Happy Valentine's Day, IT administrators. Microsoft has showered you with nine security patches to remedy 21 vulnerabilities.
Tuesday's monthly patch batch from Microsoft will be relatively light, with the software giant planning nine fixes -- four rated "critical" -- to address 21 vulnerabilities.
Researchers warned Thursday that a recently patched vulnerability in Windows Media is being used by remote attackers to launch malware.
While Tuesday's security update only contains one fix for a "critical" issue, it addresses a number of issues that could lead to malware infestations.
The security update, which plans to address eight vulnerabilities, will include one "critical" fix.
Microsoft officials credit more robust software security design with a diminished number of bugs garnering the tech giant's most severe rating.
Microsoft on Tuesday is scheduled to release 14 patches to fix 20 vulnerabilities across its product line.
In an effort to smooth the patching process for users, Microsoft plans to improve its updating mechanism in Windows 8, due out next year.
Microsoft on Tuesday patched one "critical" vulnerability, plus three other less-severe flaws. Not patched, as expected, is a bug related to the Duqu trojan.
Microsoft is prepping four security bulletins for its November update, though it is not expected to provide a fix for the zero-day flaw used to spread Duqu.
Microsoft on Tuesday released eight fixes to address 23 vulnerabilities that lie across its software and operating system components.
The Patch Tuesday bulletins, of which two are rated "critical" and six deemed "important," are due Oct. 11 at about 2 p.m. EST.
Microsoft released five important bulletins addressing 15 flaws, along with an update revoking six more DigiNotar certificates, while Adobe issued critical updates for Reader and Acrobat.
Microsoft on Friday accidentally posted details about Tuesday's scheduled security update. The software giant removed the five "important" bulletins, but not before organizations such as the SANS Internet Storm Center posted a summary of the patches. According to the group, six of the vulnerabilities being patched are in SharePoint, five in Excel, two in Office and one each in Windows and the Windows Internet Name Service (WINS). The Windows, Excel and Office flaws could lead to remote code execution. However, Microsoft has said none of the five patches earned the software giant's most severe designation of "critical." In a tweet, the Microsoft Security Response Center said it has since removed the content about the patches.
Microsoft is readying five "important" security bulletins for Windows and Office, while Adobe plans to release critical updates for Reader and Acrobat.
As part of its monthly Patch Tuesday upgrades, Microsoft on Tuesday released fixes for 22 vulnerabilities discovered in Internet Explorer, Windows, Visio and Visual Studio.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards