Microsoft Unleashes Massive Security Patch

Its another record-breaking month for fixing software flaws.

Microsoft on Tuesday released
16 security bulletins addressing 49 vulnerabilities
in Microsoft Office, Windows, Internet Explorer and the .NET Framework.
Four of the bulletins are rated critical, 10 are rated important, and two are rated moderate.
Microsoft is advising customers to focus on the four critical bulletins first. These are:
MS10-071
, which addresses 10 Internet Explorer vulnerabilities;
MS10-076
, which addresses an Open Type Font Engine flaw in Windows;
MS10-077
, which fixes a .NET Framework vulnerability; and
MS10-075
, which resolves a flaw in Windows Media Player.
The release sets a new record for the company, only two months after a record-setting month in August. Microsofts August patch -- 14 bulletins addressing 34 vulnerabilities -- broke a record set October, 2009.
Microsoft, however, is not alone in releasing large patches this month:
Oracles quarterly security update
includes fixes for 85 vulnerabilities.
Wolfgang Kandek, CTO of Qualys, notes in
a blog post
that MS10-071, addressing Internet Explorer flaws, is the most important patch.
It is a critical update for Internet Explorer 6, 7 and 8 and has a exploitability index of 1 indicating that Microsoft believes the [vulnerabilities are] relatively easy to exploit, he said. MS10-076 comes in as a close second in our ranking. It is a critical vulnerability in the way Windows handles fonts and can be triggered by a simple malicious Web page without interaction form the user, making it a good candidate for a drive-by infection campaign.
Joshua Talbot, security intelligence manager at Symantec Security Response, observed in an e-mailed statement that 35 of the 49 vulnerabilities could allow remote code execution and that one of the two remaining zero-day vulnerabilities used by
the Stuxnet worm
has been fixed. MS10-073 fixes a flaw that allowed Stuxnet to bypass permission controls.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Microsoft Unleashes Massive Security Patch