On Tuesday, Microsoft issued 6 security bulletins, 4 of them critical, and 2 important updates. The bulletins fix a total of 11 vulnerabilities in Windows, Microsoft Office, and Internet Explorer.

According to Microsoft, the company has already observed targeted malware attacks taking advantage of the MS12-027 vulnerability. In order to mitigate the risks posed by these currently circulating targeted attacks, the company is advising users to disable the ActiveX controls via the Trust Center Settings > ActiveX Settings, option.

More details:

The patched vulnerabilities are as follows:

  • MS12-023 – Cumulative Security Update for Internet Explorer (2675157)
  • MS12-024 – Vulnerability in Windows Could Allow Remote Code Execution (2653956)
  • MS12-025 – Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
  • MS12-027 – Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
  • MS12-026 – Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
  • MS12-028 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

The severity and exploitability of these flaws is as follows:

End and corporate users are advised to update  their PCs as soon as possible to prevent the likelihood of a successful remote exploitation thanks to these vulnerabilities.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This