Microsoft Fixes 'Critical' Bugs in Windows, Office
Microsoft's most recent security update includes fixes for a total of 22 flaws affecting the Windows operating system (OS), the Microsoft Office program suite, and the .Net Framework.
The 22 fixes are spread across seven security bulletins, three of which Microsoft has ranked 'critical,' the company's highest security rating. Another four have been rated 'important,' which is one step down from 'critical.'
Remote Code Execution Flaws Rampant
All but two of the security bulletins address issues related to remote code execution vulnerabilities. Problems like these can put a computer system at risk of being taken over by a hacker working at a distance.
Although none of these bugs has yet been exploited by cyber criminals, Microsoft has said that it's only a matter of time before hackers discover a way to infiltrate a system using these vulnerabilities.
That's why it's important that users apply this most recent update to cover these security holes as soon as they can.
The most significant flaws can be found in Microsoft Office 2003, 2007, and Microsoft Office for Mac 2011. According to reports, it is a flaw in the way these programs handle Rich Text Format files that could allow a hacker to gain control of a user's computer. (Source: computerworld.com)
Microsoft says the exploit can be triggered even without a user actually opening a file. In fact, a computer can be compromised when a user simply views an attached file in Microsoft Outlook's preview pane.
Microsoft Office for Mac 2011 is also affected. As a result, Microsoft now says it's important that Mac users start paying attention to security vulnerabilities, and taking steps to close them.
Windows, Silverlight Flaws Also Addressed
Microsoft has also issued updates that address issues related to last year's Duqu malware affecting Windows, the .Net Framework, Silverlight, and Office. However, it is worth noting that Microsoft insists Duqu has not been an issue this year.
The company says it has also fixed six bugs in the popular spreadsheet program Excel, including a remote code execution vulnerability.
A remote code flaw in Visio has also been addressed. In order for the remote code exploit to work, Microsoft says a hacker would need to convince a user to click on a specially crafted file.
Still, security expert Wolfgang Kandek says that's not an unlikely scenario.
"As we have seen in some of the last year's data breaches...attackers are capable of drafting a convincing email that can trick a percentage of the emails recipients into opening such a file," Kandek said. (Source: pcmag.com)
Free eBook: The Windows 7 Guide: From Newbies to Pros. In this 46 page guide you will be introduced to Windows 7 and what it has to offer. It will teach you about the new taskbar, how to resolve software compatibility issues, how to customize Windows Aero, and explain what the Windows 7 Libraries are all about. Also included: a detailed list of what software is included in Windows 7, and how easy networking is with Windows 7 along with other topics. The advice within this guide will help new users become acquainted with Windows 7 and can also help those who are on the fence about purchasing Windows 7 decide if it would be a good idea. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.