Microsoft released 11 patches fixing 17 vulnerabilities where six of these vulnerabilities are considered “critical”. However, the patches failed to fix an exploited flaw in Microsoft Excel which was revealed last January 16. Each of the 17 vulnerabilities can allow an attacker to take over a PC and six are client-side flaws, four bugs impact Microsoft Office and two affect Internet Explorer. Many of the vulnerabilities addressed by the patches could be exploited if a Windows user simply opens a file or visits a malicious or compromised website, these are the favorite attack methods of cybercriminals.

The release impacted a high number of Microsoft applications, including Active Directory, Active Directory Application Mode (ADAM), Internet Information Services (IIS), Visual Basic and Works.

Users of Microsoft products are advised to quickly apply bulletin MS08-010, which affects IE versions 6 and 7 installed in several versions of Windows operating system, including Vista.

Popularity: 1% [?]