64 Vulnerabilities Fixed by April Patch Tuesday
Compared with last month’s three security bulletins, Microsoft released a record-breaking 17 security bulletins to address 64 publicly disclosed vulnerabilities. This month’s release includes patches for bugs in Microsoft Windows, Microsoft Office, and Microsoft Visual Studio. It also includes a fix for the vulnerability in Internet Explorer that was uncovered during this year’s Pwn2Own contest.
Nine of the said security bulletins have been rated “critical,” as the vulnerabilities these addressed could end in remote code execution. Eight have been rated “important,” six of which could lead to arbitrary code execution, one could allow privilege escalation, and the last could result to unauthorized information disclosure.
This month’s batch of patches also addresses the MHTML vulnerability in Internet Explorer, reported in January, which could be likened to server-side cross-site scripting (XSS) vulnerabilities in terms of impact.
One critical patch addresses the vulnerability in SMB Browser, which was disclosed last February. According to Microsoft’s assessment, even though this may be used to spread malware, no attacks taking advantage of this threat were found.
Users are strongly advised to patch their systems as soon as possible. Trend Micro product users need not worry, however, as they are protected through Deep Security and OfficeScan with the Intrusion Defense Firewall (IDF) plug-in. For more details, visit our security advisory page.
Post from: TrendLabs | Malware Blog – by Trend Micro
64 Vulnerabilities Fixed by April Patch Tuesday
Spotlight
Cloud Computing
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
- Desktop virtualization can enhance security performance
- Cybersecurity cooperation becoming military necessity
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- FBI trying to train financial execs on cyber threats
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet