Microsoft issued a record number of monthly patches on Tuesday, including fixes for eight critical holes affecting Windows, Internet Explorer, Microsoft Word, and other programs that could be exploited to take control of a computer.
Of the 14 patches addressing a total of 34 vulnerabilities, four of them should be given priority, Microsoft said in a Microsoft Security Response Center blog post:
• MS10-052, which resolves a vulnerability in Microsoft's MPEG Layer-3 audio codecs that could allow remote code execution if a specially crafted media file were opened or a Windows user received specially crafted streaming content from a Web site.
• MS10-055, which fixes a hole in Windows Media Player's Cinepak Codec that could allow remote code execution if a computer opens a specially crafted media file, or receives specially crafted streaming content from a Web site.
• MS10-056, which resolves four flaws in Microsoft Office, including one that could allow remote code execution if a computer user opens or previews a specially crafted rich text format e-mail.
• MS10-060, which plugs two holes that could allow remote code execution, in Microsoft .Net Framework and Microsoft Silverlight.
More: http://news.cnet.com/8301-27080_3-20013210-245.html
Of the 14 patches addressing a total of 34 vulnerabilities, four of them should be given priority, Microsoft said in a Microsoft Security Response Center blog post:
• MS10-052, which resolves a vulnerability in Microsoft's MPEG Layer-3 audio codecs that could allow remote code execution if a specially crafted media file were opened or a Windows user received specially crafted streaming content from a Web site.
• MS10-055, which fixes a hole in Windows Media Player's Cinepak Codec that could allow remote code execution if a computer opens a specially crafted media file, or receives specially crafted streaming content from a Web site.
• MS10-056, which resolves four flaws in Microsoft Office, including one that could allow remote code execution if a computer user opens or previews a specially crafted rich text format e-mail.
• MS10-060, which plugs two holes that could allow remote code execution, in Microsoft .Net Framework and Microsoft Silverlight.
More: http://news.cnet.com/8301-27080_3-20013210-245.html