Jump to content

Microsoft Finally Patch The Security Flaws


Matsuda

Recommended Posts

Microsoft_patch_tuesday.jpg



The October 2013 Patch Tuesday brought us a total of eight security bulletins supposed to fix 26 vulnerabilities in several products, including Windows, Internet Explorer, Office, and Silverlight.

Microsoft recommends users to prioritize the deployment of MS13-080, MS13-081, and MS13-083, which are aimed at patching holes in Internet Explorer and Windows.

First of all, MS13-080 is supposed to resolve 10 issues in Internet Explorer, with the most severe allowing attackers to gain the same rights as the current user browsing the web with Microsoft’s in-house app that will soon reach version 11 in Windows 8.1.

The security update is considered to be critical for IE6, IE7, IE8, IE9, and IE10 on Windows, and moderate for IE6, IE7, IE8, IE9, and IE10 on Windows Server.

“The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer, as described in Microsoft Security Advisory 2887505. An attacker who successfully exploited these vulnerabilities could gain the same rights as the current user running Internet Explorer. All but one of these issues were privately disclosed,” the company noted in a security advisory.

MS13-081, on the other hand, tries to patch seven issues in Windows, with Redmond claiming that no successful exploits have been reported, as all flaws were privately reported.


Microsoft-Launches-Windows-Internet-Expl



“The most severe vulnerability could allow remote code execution if a user views a malicious webpage with specially crafted OpenType fonts. This release also addresses vulnerabilities that could allow elevation of privilege if an attacker gains access to a system, in some cases physical access to a USB port is required,” it explained.

Last but not least, MS13-083 is only aimed at a single issue in Windows that would allow remote code execution if an unpatched system is available via an ASP.NET web application. Again, no successful exploits have been reported, says Microsoft.

As usual, all these patches are being delivered through Windows Update, so just make sure you are connected to the Internet to download and deploy all of them.



Source And Source

Link to comment
Share on other sites


  • Replies 1
  • Views 1.3k
  • Created
  • Last Reply

Top Posters In This Topic

  • demoneye

    1

  • Matsuda

    1

Popular Days

Top Posters In This Topic

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...