Microsoft releases 6 Critical and 2 Important Security Patches

Microsoft has released 8 security patches yesterday. Out of the 8 security patches, 6 are critical and 2 are important patches. Below is the list of various security patches released by Microsoft. First 6 in the list are the critical patches and the rest are Important patches. These updates will be the part of Windows Updates. You can even Control Automatic Updates in Windows.

 

Microsoft.

Microsoft.

1.) Critical Vulnerabilities in Visual Basic 6 Runtime extended files: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. These vulnerabilities could allow remote code execution if a user browsed a Web site that contains specially crafted content.

2.) Security Vulnerability in GDI: This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

3.) Security Vulnerability in Microsoft Office Word: This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file.

4.) Security Update for Internet Explorer: This security update resolves four privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

5.) Security Vulnerability in Microsoft Excel: This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

6.) Security Vulerabilities in Windows Search: This security update resolves two privately reported vulnerabilities in Windows Search. These vulnerabilities could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. 

7.) Security Vulnerability in Windows Media Components: This security update resolves two privately reported vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. The most severe vulnerability could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.

8.) Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege: This security update resolves a privately reported vulnerability. The vulnerability could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. A successful attack leading to elevation of privilege could result in denial of service or information disclosure.

 

Also ReadSome notes on Ethical Hacking

Hacking Ruby on Rails.

Advertisements

One Response

  1. […] unknown wrote an interesting post today onMicrosoft releases 6 Critical and 2 Important Security Patches …Here’s a quick excerptSecurity Vulnerability in Microsoft Office Word: This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a … […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: