Microsoft released a dozen updates on Tuesday to patch more than a score of vulnerabilities, among them a security issue in the company's Word application.
The patches fixed seven critical vulnerabilities in Microsoft's latest software--including Internet Explorer, the Windows Media Player, and the JScript language--as well as a single critical flaw in Windows 98, 98SE and Millennium Edition. Another eight 'important' flaws and five 'moderate' flaws--as ranked by the software company--were also fixed by the updates.
The most major patch, a cumulative update to the software giant's Web browser, fixed eight flaws. The company also closed a hole in its flagship word processing application that is currently being exploited by online attackers to compromised systems in specifically targeted companies. The attack consists of an e-mail message sent to a small number of individuals in the targeted company, with each message carrying a Word attachment.
A year ago, the national computer emergency response teams in the United Kingdom, Canada and Australia all warned of targeted attacks hitting organizations in those countries. While the U.S. organization, US-CERT, did not issue an alert, antivirus companies acknowledged that low-volume e-mail attacks had targeted U.S. companies and government agencies.
More information on the bulletins can be found within Microsoft's summary for the month.
Posted by: Robert Lemos