Microsoft has prepared seven bulletins for Patch Tuesday this month, four ranked critical and another three rated important, covering a handful of flaws.
Three of the vulnerabilities could allow an attacker to execute code remotely on a target machine, while two could let hackers elevate privileges to take control of a system.
“It is puzzling to see such a high rating for this software that typically requires opening of an infected file in order for the attack to work. It will be interesting to see the attack vector for this vulnerability that warrants the ‘critical’ rating,” said Wolfgang Kandek, CTO at Qualys.
The other important updates relate to OneNote, Office 2010 for Mac, and the Windows OS.
Google and Mozilla have already pushed out patches preventing exploits shown to have breached the Chrome and Firefox browsers at PWN2OWN.
Microsoft’s Internet Explorer 10 browser was broken in the competition, but it is unclear when the tech giant will cover the security hole penetrated by French exploit seller VUPEN. In the past, VUPEN has been reluctant to share details of its research with vendors, choosing to keep them for customers only.
At the time of publication neither Microsoft nor VUPEN had responded to a request for comment.
Are you a security expert? Try our quiz!
Rights group argues ChatGPT tendency to generate false information on individuals violates GDPR data protection…
European Commission says Apple's iPadOS is 'gatekeeper' due to large number of businesses 'locked in'…
As the cloud continues to be an essential asset for all businesses, developing and maintaining…
Internatinal conference in Vienna calls for controls on AI-powered autonomous weapons to ensure humans remain…
Major Taiwan chip assembly and test firm KYEC to sell Jiangsu subsidiary, exit mainland China…
As deepfake technology continues to blur the lines between reality and deception, businesses and individuals…