Microsoft is to fix faults with its Office productivity suite, as well as Forefront Unified Gateway, in next week’s Patch Tuesday update.
November’s Patch Tuesday release is much smaller than the 16-bulletin, 49 vulnerability-strong update released last month. This time, there are just three bulletins, two of which are rated “Important” and a third is rated “Critical.”
The critical bulletin affects a number of versions of Microsoft Office, including Office 2007 Service Pack 2 and Office 2010, and is targeted at thwarting the threat of remote code execution. One of two bulletins rated Important impacts Office as well, while the remaining bulletin is aimed at (UAG).
“It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted,” Microsoft said in advisory. “In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. At this time, we are aware of targeted attacks attempting to use this vulnerability.”
Once the investigation into the IE bug is complete, Microsoft “will take the appropriate action to protect [its] customers,” the company said.
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…
