Microsoft has issued 12 patches to address 21 security
flaws in its software, with eight of the patches deemed “critical”
by the company.
The patches, part of Microsoft’s monthly scheduled patching
cycle, address problems in the Windows operating system, the Office
productivity suite and Windows Media Player. Most of the flaws
potentially allow remote attackers to access users’ systems.
Four of the critical updates tackle security holes that can open
up systems in all versions of Windows.
One is a cumulative update for the Internet Explorer browser,
and another deals with a problem with Windows Media Player,
versions 7.1, 9 and 10.
Another patch covers vulnerabilities in Microsoft Jscript, and a
problem is also addressed in ART image rendering.
There is also a critical Windows patch that tackles bugs in the
operating system’s graphics rendering engine, but this problem only
affects the ageing Windows 98, Windows 98 Second Edition (SE) and
Windows Millennium Edition (ME) platforms.
Two critical updates are also aimed the Office suite. There is a
fix for a vulnerability in Word, which affects Microsoft Works, and
there is a patch for a flaw in PowerPoint too.
Among the other fixes, there is one for an “important” flaw in
Windows' Server Message Block (SMB) component, which could enable
attackers to elevate their level of system privileges.