Microsoft is keeping it light this September after releasing 13 security bulletins last August. The vendor released five security bulletins this month, all of which were rated “important.” These bulletins resolve 15 flaws found in several software. One of the bulletins addresses five vulnerabilities (MS11-072) in Microsoft Excel and affects even the newest and Mac versions of the program. To successfully exploit these, a potential attacker needs to create malicious Excel files and distribute these via different social engineering schemes. Microsoft also rated this as the top bulletin in deployment priority, thus users and administrators are advised to immediately address these security flaws.
This month’s security updates also include fixes for Windows Internet Naming Service (WINS) and SharePoint Server 2010.
Users are encouraged to immediately download and apply these patches. For more details regarding this month’s Patch Tuesday release, users may visit this Trend Micro security page.
In addition, Microsoft released another non-security update to add six cross-signed DigiNotar root certificates as untrustworthy, following the theft of more than 500 digital certificates issued by DigiNotar. More details on this can be found in Microsoft’s official corporate security response blog.