Three browser vulnerabilities could be exploited to allow an attacker to remotely execute code in either IE6 or IE7. A fourth flaw was rated 'critical' for IE6 but given a less severe 'important' rating for IE7.
Microsoft also patched critical vulnerabilities in the WebDAV component of Windows XP and Vista, along with critical flaws in Word for both Windows and Mac.
McAfee researcher Craig Schmugar said that the flaws covered by the monthly update highlight the perils of web-based attacks.
"Today's patches underline the need to be aware when opening files, and the risk of surfing the web unprotected," he said.
"Many of the vulnerabilities could be exploited if a Windows user simply opens a file or visits a malicious or compromised website. These are favourite attack methods among cyber-criminals."
Microsoft noted that none of the February security bulletins affects its two newest releases, Windows Vista SP1 and Windows Server 2008.
_(36).jpg&h=140&w=231&c=1&s=0)
_(37).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
_(1).jpg&h=140&w=231&c=1&s=0)
