Feeds

Get up, shake off the hangover: These 57 Microsoft holes won't fix themselves

This month's fat security Patch Tuesday has landed

Beginner's guide to SSL certificates

A bumper Microsoft Patch Tuesday has rolled out 12 security bulletins that collectively address a hefty 57 vulnerabilities.

Five of these bulletins reveal critical holes in the software giant's products: one bulletin (MS13-009) covers 13 bugs found in Internet Explorer, while another (MS13-016) tackles a privilege-escalation flaw in win32k.sys, a core Windows kernel-mode component. One of the IE bugs can be exploited by an attacker to gain control of a user's machine via a drive-by download.

Another update (MS13-010) also patches Microsoft's web browser to squash a security bug in an ActiveX dynamic-link library. This update is, if anything, even more important because it addresses a vulnerability that's being actively exploited by miscreants.

The other critical updates cover Windows bugs, as explained in Microsoft's bulletin here.

In other patching news, Adobe followed up a Flash release last week that grappled with two 0-day vulnerabilities, with a new patch for its plugin. The update fixes 17 security flaws. Users of Internet Explorer 10 and Google Chrome should be patched automatically.

Commentary on both updates can be found in a blog post by Wolfgang Kandek, CTO of Qualys, here. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.