As part of its monthly patch release schedule, Microsoft issued 12 security bulletins today that cover 21 vulnerabilities.

The bugs fixed by the patches affect Windows, Windows Media Player, Internet Explorer and Microsoft Outlook. They cover vulnerabilities such as denial of service attacks and remote code execution that could lead to full system compromise.

Of the vulnerabilities, eight are considered critical. One of the security problems fixes an exploit in Microsoft's Word program to deal with a virus called Backdoor.Ginwui, which opens a backdoor on the compromised computer. The virus was first found in mid-May.

In addition to the patches, the Malware removal tool has been updated to catch the Win32/Cissi and Win32/Fizzer viruses. Also, Internet Explorer is being changed to reflect the outcome of a lawsuit in which Microsoft came out on the losing end.

The fix changes the way Internet Explorer handles ActiveX controls. Microsoft issued a ‘compatibility patch’ in April to give developers time to adjust to the new method of handling controls. With this update, that compatibility bridge goes away.

Details on the patch are available from Microsoft, and the patch can be downloaded via Windows Update on your computer.


http://www.internetnews.com/security/article.php/3613176