In this month’s Patch Tuesday, Microsoft released six security advisories to address 12 vulnerabilities. Three of these security bulletins are deemed “critical” (MS09-071, MS09-074, MS09-072) while the rest are tagged as “important.”
The recently reported vulnerability exploit in Internet Explorer versions 6 and 7 has also been fixed in MS09-072. The said vulnerability could grant the attacker user rights access to the system. In addition, it also allows malicious users to execute arbitrary code in the system. Trend Micro detects this as HTML_SHELLCOD.WT.
Similarly, Adobe also released two security advisories to address recently discovered vulnerabilities in Flash Player and Illustrator. Accordingly, the vulnerability in Flash Player could give malicious users control of the system if successfully exploited.
With the holiday season just around the corner, along with a truckload of holiday-related scams (fake e-cards, phishing attacks, etc.) and malware, users are strongly advised to apply these patches immediately and keep their systems up-to-date.