Patch Tuesday: Microsoft Fixes 'Critical' Flaws
As part of its monthly Patch Tuesday security update, yesterday Microsoft released several fixes for its various software products. At the top of the list: fixes for five security flaws that could allow hackers to bypass system security and take remote control of a computer.
Microsoft has rated five of the security vulnerabilities 'critical,' which is the firm's highest security rating. Two of these updates address flaws in the Internet Explorer (IE) web browser, including versions IE6 through IE10 (the latter being available for Windows 8- and Windows RT-based machines exclusively).
IE ActiveX Library Flaws Presents Problems
According to Microsoft, a security vulnerability in Internet Explorer's ActiveX library has already been exploited by hackers. It's possible that, if someone was lured to a malware-infected web page, a hacker could exploit the flaw and take control of a user's computer.
That's a serious issue, which is why Microsoft is insisting everyone update their systems immediately. In fact, it might be a good idea to shut down IE until the update has been applied. (Source: zdnet.com)
Another 'critical' flaw affects Microsoft's Exchange Server software and could, like the IE vulnerability, allow for remote code execution. Another very similar issue has been found in Microsoft Office and is also addressed by this most recent security update.
Windows 8, RT Receive Non-Security-Related Fixes
Microsoft has also issued a number of non-security-related fixes for its Windows 8 and Windows RT operating systems. One of those fixes is designed to address complaints about its Surface tablet computer struggling to establish a stable WiFi connection.
Another update provides a fix for a Windows Store bug that effectively blocked Windows 8 and Windows RT users from downloading applications. (Source: zdnet.com)
Finally, Microsoft says that its most recent Patch Tuesday update will improve overall system performance in Windows 8. For example, one fix results in a quicker response from a Windows 8-based machine engaged in sleep mode. (Source: microsoft.com)
Remember that, unless your system is set to automatically download and install these updates, you will need to visit Microsoft.com in order to acquire these fixes.