Microsoft to patch seven Windows, IE and Office flaws

By on
Microsoft to patch seven Windows, IE and Office flaws

Four rated critical.

Microsoft will release seven patches to cover Windows, Internet Explorer and Office vulnerabilities along with fixes for Windows Server and Silverlight.

Four of the bulletins are rated critical, while three earned important designations. They address flaws in Internet Explorer, Windows, Office, Server Software and Silverlight.

The high-priority fix appears to be a cumulative patch that will correct flaws across all supported versions of IE. Attackers can exploit these weaknesses to launch drive-by download attacks against users who unknowingly visit an infected website.

"Microsoft patched IE every month since November 2012, so it shouldn't surprise anyone that they're going to patch it again this month," said Andrew Storms, director of security operations for vulnerability and risk management provider nCircle.

"Microsoft is clearly delivering on their commitment to release more frequent IE patches. They're never going to get the IE bug backlog down to zero, but you have to admire their determination to try."

Another of the pressing critical patches addresses vulnerabilities in Silverlight, an application development suite, that "is widely installed at least on end-user workstations to run media applications, for example Netflix," said Wolfgang Kandez, CTO of cloud security company Qualys.

This article originally appeared at

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?