The Hacker News

on Monday, 9 September 2013
 

 

The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers // via fulltextrssfeed.com

September's Patch Tuesday updates to fix Critical flaws in Windows, IE and Office
9/9/2013 4:56:00 PM

This Tuesday, Microsoft will be releasing its September's Patch Tuesday updates includes 14 bulletins in total, fixing issues in Windows, Office, Outlook, Internet Explorer, SharePoint and FrontPage.

In all, there are eight remote code execution flaws in Microsoft Office, Microsoft Server Software, Microsoft Windows, which can allow hackers to gain access to, or take control of an affected system without user prompts or permission.

The four critical bulletins affect Sharepoint, Outlook, Internet Explorer and XP and Windows 2003. Bulletien second will address a Remote Code Execution flaw in Microsoft Office that can be triggered simply by previewing an email in Outlook, even without explicitly opening the e-mail. The problem for users is that Outlook automatically displays the content of each email it previews.

The remaining 10 bulletins are all rated important by Microsoft, four of them patch remote code execution flaws in Office, while three other privilege escalation flaws are being fixed in Windows and Office.

  • Bulletin 1: Rated Critical - affects Office and Server software: may allow remote code execution.
  • Bulletin 2: Rated Critical - affects Office: may allow remote code execution.
  • Bulletin 3: Rated Critical - affects Windows and Internet Explorer: may allow remote code execution.
  • Bulletin 4: Rated Critical - affects Windows: may allow remote code execution.
  • Bulletin 5: Rated Important - affects Windows: may allow remote code execution
  • Bulletin 6: Rated Important - affects Office: may allow remote code execution.
  • Bulletin 7: Rated Important - affects Office: may allow remote code execution.
  • Bulletin 8: Rated Important - affects Office: may allow remote code execution.
  • Bulletin 9: Rated Important - affects Office: may allow an elevation of privileges.
  • Bulletin 10: Rated Important - affects Windows: may allow an elevation of privileges.
  • Bulletin 11: Rated Important - affects Windows: may allow an elevation of privileges.
  • Bulletin 12: Rated Important - affects Office: may allow sensitive information to leave the affected system.
  • Bulletin 13: Rated Important - affects Windows and the .NET Framework: may allow a Denial of Service.
  • Bulletin 14: Rated Important - affects Windows: may allow a Denial of Service.

Microsoft does not get into detail about the vulnerabilities, because the patches have not been rolled out as of yet. The patches will be made available to the general public this Tuesday, September 10.

Latest Hacking News Updates

Author details

photo of Wang Wei

has been a security consultant for the government, financial securities, banks. Working as Researcher with The Hacker News. He is also a renowned speaker on the subject of 'Exploit Writing'. He is Malware analyst, Freelancer Penetration Tester, Cloud Computing, Mobile application & Software Developer. Follow him @ Twitter | |

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)