Malware, Patch/Configuration Management, Vulnerability Management

Microsoft patches 18 Internet Explorer vulnerabilities, closes an actively exploited hole in Office

Microsoft on Tuesday released five patches that address 23 vulnerabilities in Windows and related components.

The highest-priority fix is MS13-047, a cumulative Internet Explorer bulletin, rated "critical," which corrects a whopping 18 flaws in the popular web browser. 

Security researchers also highlighted the importance of deploying MS13-051, which repairs a single vulnerability in Office. 

While the remote-execution bug was privately reported to Microsoft by Google researchers, it apparently also was discovered by more nefarious parties before it could be fixed, as the software giant said it was "aware of limited, targeted attacks that attempt to exploit this vulnerability," Dustin Childs, a spokesman for Microsoft Trustworthy Computing, wrote in a blog post.

Meanwhile, Adobe on Tuesday distributed updates to its 11.7 Flash Player for Windows, Mac and Linux, and 11.1 for Android, to close a single vulnerability.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.