martes de parches

Microsoft To Patch Critical Office Flaw

Microsoft will use its monthly patch to fix a critical security hole in versions of its Microsoft Office suit that could allow attackers to run malicious code on vulnerable systems.

Microsoft Releases Huge Patch Tuesday Update For 49 Bugs

Microsoft has released its largest-ever bundle of patches, pushing out 16 updates that fix a total of 49 individual vulnerabilities. The patches include updates for six critical vulnerabilities, most notably a huge fix for some remote code-execution bugs in various versions of Internet Explorer.

Microsoft’s problems with Token Kidnapping [.pdf] on the Windows platform aren’t going away anytime soon.

More than a year after Microsoft issued a patch to cover privilege escalation issues that could lead to complete system takeover, a security researcher plans to use the Black Hat conference spotlight to expose new design mistakes and security issues that can be exploited to elevate privileges on all Windows versions including the brand new Windows 2008 R2 and Windows 7.

Microsoft has released four new security bulletins in the July 2010 edition of patch Tuesday. These bulletins address five vulnerabilities.It is not uncommon, and has become expected, for a light patch Tuesday to follow a heavy patch Tuesday release from Microsoft.  Last month, Microsoft released a hefty load of patches with 10 security bulletins addressing 34 vulnerabilities.

In the face of an uptick in hacker attacks targeting a zero-day flaw in its Internet Explorer browser, Microsoft has announced plans to ship an emergency IE patch tomorrow (March 30, 2010).

The out-of-band update comes exactly 21 days after Microsoft said it was aware of targeted attacks against Windows users running its flagship browser.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.