Microsoft has released updates for April. In total there are 23 vulnerabilities fixed in eight updates. Five of the updates are categorized as critical, two as important and one as moderate. Some of these vulnerabilities are exploited already.
Update MS09-009 fixes two vulnerabilities in Microsoft Office Excel. Both of these could allow an attacker to execute arbitrary code in target system. Update is categorized as critical.
Update MS09-010 fixes four vulnerabilities in Microsoft Wordpad and Office Text Converters. These could allow an attacker to execute arbitrary code in target system. Update is categorized as critical.
Update MS09-011 fixes a vulnerability in Microsoft DirectShow. This could allow an attacker to execute arbitrary code in target system. Update is categorized as critical.
Update MS09-013 fixes three vulnerabilities in Windows HTTP Services. These could allow an attacker to execute arbitrary code in target system. Update is categorized as critical.
Update MS09-014 fixes six vulnerabilities in Microsoft Internet Explorer. These could allow an attacker to execute arbitrary code in target system. Update is categorized as critical.
Update MS09-012 fixes four vulnerabilities in Microsoft Windows. These could allow an attacker to elevate privileges in target system. Update is categorized as important.
Update MS09-016 fixes two vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition). These could be used to cause denial of service in target system. Update is categorized as important.
Update MS09-015 fixes a vulnerability in SearchPath. This blended threat vulnerability could allow an attacker to elevate privileges in target system. Update is categorized as moderate.
New version of Microsoft Windows Malicious Software Removal Tool was released too.
More information about the updates can be read here.
For consumer the easist way to get the update is to use Microsoft automatic update service.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment