A 'Critical' Patch Day For Microsoft
Microsoft’s monthly round of security bulletins cuts across several parts of the software giant’s product lineup and are designed to prevent attackers from taking control of users’ systems remotely.
Heading the list are three separate bulletins that, in all, address eight separate newly discovered vulnerabilities in Microsoft Office which could allow an attacker to take complete control of an affected system.
MS07-023 addresses BIFF record, set font and filter record vulnerabilities in Excel, while MS07-024 addresses array overflow, document stream and RTF parsing vulnerabilities that potentially allows remote execution of code. The last of the top three bulletins MS07-025 fixes the drawing object vulnerability in Office.
An additional two fixes address a total of 10 vulnerabilities related to Microsoft Exchange and Internet Explorer.
Read more: internetnews.com