Microsoft has delivered a monster Patch Tuesday release today with fixes for a number of vulnerabilities – covered in eight security bulletins – affecting all versions of Windows and other applications as well. Of the eight security bulletins six carry a critical rating, meaning they could be used to launch remote code execution attacks with minimal user action.
Two of them apply to Windows, with one for all versions of the OS, and the second just for Windows Vista and Server 2008. A third bulleting addresses a critical flaw in Internet Explorer 6 and 7, while the remaining three relate to Microsoft Office. The two security bulleting rated as important address flaws in Office SharePoint Server and Windows Media Player – with the latter also allowing remote execution of code but rated only as “important” because the user needs administrative rights for the exploit to be really nasty. As always, the advice is to update as soon as possible through Windows Update.