Sony Brings the Bling with Swarovski Photoframe

Microsoft Patches Cover 3 Critical Flaws

Microsoft has released security patches for Windows and Internet Explorer which mend eight vulnerabilities, three of which are rated "critical."

Microsoft Corporation has released security updates to its Windows operating system and Internet Explorer Web browser to address a series of flaws and vulnerabilities, three of which are considered critical. Both Microsoft and security experts recommend users download and install the patches as soon as possible to maintain the integrity of their systems and personal information.

Microsoft’s release of the updates was briefly hampered Tuesday by corrupted files in the company’s online Download Center; the errors affected only the Internet Explorer update ad did not interfere in any way with Microsoft Update or users updating via Windows Update.

Fixes to Internet Explorer include:

  • a vulnerability in the way IE rendered JPEG images which could permit memory corruption and execution of arbitrary code;
  • a cross-domain vulnerability which could enable remote attackers to access data or execute programs on a system by getting a user to browse from a Web site to a Web folder using WebDAV;
  • a vulnerability in the way IE instantiates COM objects such as shell32.dll and dmdskmgr.dll which are not intended to be used by Internet Explorer;

Other "critical" fixes in the security update include a patch for a flaw in Windows’ Plug and Play (PnP) technology and a "wormable" defect in Windows Print Spooler Service which could enable attackers to install programs, access arbitrary data on the machine, or create new users with full access to the system.

The updates also include a denial-of-service attack against Remote Desktop Services (RDP), an issue with Telephony Application Programming Interface (TAPI) affecting systems all the way back to Windows 98 which could enable remote attackers to execute code on affected systems, and a patch to Microsoft’s Kerberos implementation which could have exposed systems to denial-of-service attacks, service crashes, and spoofing attacks.

Related Posts

  • No Related Posts

Trackback URL: http://www.digitaltrends.com/computing/microsoft-patches-cover-3-critical-flaws/trackback/

blog comments powered by Disqus

Join The Digital Trends Community

DT RSS Feed

Everyone wants to be an insider, and you can be one too! Choose your poison: sign-up for our Newsletter, join us on Facebook, or follow us on Twitter. Do all three and you'll be swimming in the the latest news, reviews, videos and more gadget goodness!

DT Newsletter Sign-Up

Sign-up for the Digital Trends newsletter and find out about the latest contests, the hottest content, and the most popular videos. Let us keep you up-to-date!

Our Facebook

Become a DT soldier! Join us on Facebook and share the best news, guides, videos and other cool information directly with all your friends. Some might even thank you for it!

Join the thousands and follow the best of us on Facebook.

Twitter Us

Do you like information in small snippets? Then our Twitter feed is just for you. Follow Digital Trends and you'll be able to catch up daily on our latest content, or even interact directly with our team. Tweet Tweet!

Join the thousands and follow the best of us on Twitter.

That’s Right, Sign-up For Our Monthly Random Prize Drawings and You Could Be That Winner.