Microsoft Fixes Slew of Flaws, Including Six Critical Flaws
January 7, 2009 by AntivirusWare.Microsoft recently released their December 2008 security bulletin. The bulletin includes fixes for six critical flaws, which affect Windows GDI, Word, Excel, Internet Explorer and Windows Search. In addition to the critical flaws, there are many Microsoft categorizes as “important.” The “important” updates affect SharePoint and Windows Media Components.
Microsoft also has supplied an exploitability index with each bulletin so system administrators can prioritize what needs to be patched. All security patches are available for Windows and Office via Microsoft Update or via the individual bulletins.
The first and most critical patch is MS08-070, which has an exploitability index of 1 to 2. Microsoft urges customers to apply this patch immediately. It is titled “Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)”, and affects a great many Microsoft software packages. The security hole could allow malware to control your software.
Next is MS08-071, also critical, with an exploitability index of 2 to 3. This could allow malware to take control of your entire system if not patched. The attacker would be able to install programs, do anything they want with data, and create new accounts with full user rights.
MS08-072 is the third critical patch, with an exploitability index of 1 to 3. This is mainly a flaw in Microsoft word, and could allow malware to take over.
There are three more critical flaws; including MS08-073, MS08-074 and MS08-075, all of which could allow malware to be used to take control of your computer. Update your security software and patch your system!