Patch Tuesday has arrived with multiple patches for Windows. Twenty four vulnerabilities lie in Internet Explorer. There is a cumulative update MS14-010: Cumulative Security update for Internet Explorer (2909921) This is considered to be a critical update for Internet Explorer. This update corrects how Internet Explorer handles objects in memory and adds additional permission validations to internet Explorer. It also corrects flaws that could allow remote code execution where an attacker could get into a computer if the user went to a particular website. If automatic updates are enabled on your computer, this security update will be downloaded and installed automatically.
Other patches include MS14-005: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
MS14-006 Vulnerability in IPv6 Could Allow Denial of Service (2904659)
MS14-007 Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
MS14-009 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)
MS14-010 Cumulative Security Update for Internet Explorer (2909921)
MS14-011 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
Also today, Adobe released a new patch for their Shockwave Player to fix two vulnerabilities. You can download the latest player by visiting Adobe's Shockwave Player Site.
As always, if you have any questions or concerns, please feel free to contact us as 516-762-0155.
No comments:
Post a Comment