September’s Patch Tuesday updates to fix Critical flaws in Windows, IE and Office


This Tuesday, Microsoft will be releasing its September’s Patch Tuesday updates includes 14 bulletins in total, fixing issues in Windows, Office, Outlook, Internet Explorer, SharePoint and FrontPage.

In all, there are eight remote code execution flaws in Microsoft Office, Microsoft Server Software, Microsoft Windows, which can allow hackers to gain access to, or take control of an affected system without user prompts or permission.
The four critical bulletins affect Sharepoint, Outlook, Internet Explorer and XP and Windows 2003. Bulletien second will address a Remote Code Execution flaw in Microsoft Office that can be triggered simply by previewing an email in Outlook, even without explicitly opening the e-mail. The problem for users is that Outlook automatically displays the content of each email it previews.

The remaining 10 bulletins are all rated important by Microsoft, four of them patch remote code execution flaws in Office, while three other privilege escalation flaws are being fixed in Windows and Office.

  • Bulletin 1: Rated Critical – affects Office and Server software: may allow remote code execution.
  • Bulletin 2: Rated Critical – affects Office: may allow remote code execution.
  • Bulletin 3: Rated Critical – affects Windows and Internet Explorer: may allow remote code execution.
  • Bulletin 4: Rated Critical – affects Windows: may allow remote code execution.
  • Bulletin 5: Rated Important – affects Windows: may allow remote code execution
  • Bulletin 6: Rated Important – affects Office: may allow remote code execution.
  • Bulletin 7: Rated Important – affects Office: may allow remote code execution.
  • Bulletin 8: Rated Important – affects Office: may allow remote code execution.
  • Bulletin 9: Rated Important – affects Office: may allow an elevation of privileges.
  • Bulletin 10: Rated Important – affects Windows: may allow an elevation of privileges.
  • Bulletin 11: Rated Important – affects Windows: may allow an elevation of privileges.
  • Bulletin 12: Rated Important – affects Office: may allow sensitive information to leave the affected system.
  • Bulletin 13: Rated Important – affects Windows and the .NET Framework: may allow a Denial of Service.
  • Bulletin 14: Rated Important – affects Windows: may allow a Denial of Service.
Microsoft does not get into detail about the vulnerabilities, because the patches have not been rolled out as of yet. The patches will be made available to the general public this Tuesday, September 10.

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s