Tuesday, April 21, 2015

11 security bulletins in MS Patch Tuesday

Last Tuesday, Microsoft released 11 security bulletins for Windows, Office and Internet Explorer where four bulletins are rated 'CRITICAL'. Most of the IE vulnerabilities are related to memory corruption issues that allow remote code execution. Besides this ASLR bypass issue is also found in IE. Security flaws affecting Word 2007, Word 2010, Office 2010 and Office Web Apps Server 2010 are also addressed in this Patch Tuesday. Microsoft Windows also get critical fixes for HTTP.sys and Microsoft Graphics Component. 'Important' rated Bulletins cover privileges escalation, security bypass, information disclosure and Denial-of-Service (DoS) affecting SharePoint, AD federation services, all versions of .Net and Hyper-V. <more>

No comments: