Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us

    Patch-Tuesday_gray Microsoft Outlook, Internet Explorer are two of the four Critical bulletins (plus ten bulletins rated as Important) in today’s Microsoft Patch Tuesday. Particularly troublesome is the Outlook vulnerability, which is exploitable via preview pane. By not applying these updates, vulnerable systems are at risk of malware infection and unwanted data disclosure among others.

    The four critical bulletins all pose serious risks to users and organizations. If not addressed, the vulnerability in Microsoft Outlook can lead to malware execution once users preview a maliciously crafted email message using Outlook. Applying this patch should be a priority, particularly for organizations who are under the constant threat of targeted attacks by way of spear-phishing.

    For the past months or so, Microsoft has consistenly released Critical security bulletins for Internet Explorer. This month is no different, with security patches for ten privately vulnerabilities affecting several IE 6, including a privately reported IE 10 flaw on Windows 8 and RT. Similar to the Outlook vulnerability, an attacker can exploit this to execute a malware.

    What is interesting is the inclusion of security patches for Windows XP, which Microsoft will stop supporting by April next year. For users and organizations still using the platform, it is important to start or at least seriously consider migrating to later versions of Windows to avoid threats similar to the Java 6 zero-day exploit seen two weeks ago, in which no consumer security updates are available for users as Oracle has already halted its support for that version.

    Security updates for SharePoint, which resolved ten vulnerabilities in the software, rounds up the Critical issues for this month. Those bulletins rated Important include vulnerabilities in MS Office, Excel, FrontPage and Windows, that can lead to varied threats, including an attacker gaining administrative access and risk of information leak among others.

    Users are advised to apply these security updates immediately. For IT administrators, applying certain security updates such as the SharePoint might be tricky, as these might need to be tested for any adverse impact on business operations. You may also visit our Trend Micro Threat Encyclopedia page to know more about how Deep Security solution.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice