We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

PowerPoint, Windows flaws fixed

Microsoft releases nine 'critical' patches

Microsoft yesterday released 12 security bulletins outlining fixes for known vulnerabilities in its software, including nine 'critical' flaws.

The critical security bulletins involve flaws in Microsoft Windows, the Internet Explorer web browser, Outlook Express and Office. The other three involve vulnerabilities in Windows and are considered 'important' by Microsoft.

Eleven of the security bulletins are designed to prevent remote code execution that could allow an attacker to take complete control of an affected system, while the remaining bulletin addresses a vulnerability that could allow the unauthorised elevation of user privileges by an attacker.

One vulnerability involves a problem with DNS resolution that could allow remote code execution in Windows XP, Windows Server 2003 and Windows 2000. Another addresses several vulnerabilities in a Windows Server service that could allow remote code execution, according to the company.

Also issued was a cumulative security update for Internet Explorer that addresses remote code execution issues and another that addresses similar problems in Windows, Outlook Express and the Microsoft Management Console.

Another of the service bulletins resolves a vulnerability in HTML help that could allow remote code execution, while another deals with similar vulnerabilities in Microsoft Visual Basic for Applications and a vulnerability in Microsoft Office.

One service bulletin addresses a remote code execution flaw that exists directly within the Windows kernel.

The three 'important' fixes involve a patch for Windows Explorer to repair a remote code execution flaw, a patch to fix similar vulnerabilities in the Microsoft Windows Hyperlink Object Library and a patch for the kernel flaw that could allow the unauthorised elevation of user privileges by an attacker.

Microsoft recommends that companies download and install the patches immediately to correct the vulnerabilities.

Last month, Microsoft released seven security patches as part of its monthly service bulletin releases.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model