Compared with last month’s three security bulletins, Microsoft released a record-breaking 17 security bulletins to address 64 publicly disclosed vulnerabilities. This month’s release includes patches for bugs in Microsoft Windows, Microsoft Office, and Microsoft Visual Studio. It also includes a fix for the vulnerability in Internet Explorer that was uncovered during this year’s Pwn2Own contest.
Nine of the said security bulletins have been rated “critical,” as the vulnerabilities these addressed could end in remote code execution. Eight have been rated “important,” six of which could lead to arbitrary code execution, one could allow privilege escalation, and the last could result to unauthorized information disclosure.
This month’s batch of patches also addresses the MHTML vulnerability in Internet Explorer, reported in January, which could be likened to server-side cross-site scripting (XSS) vulnerabilities in terms of impact.
One critical patch addresses the vulnerability in SMB Browser, which was disclosed last February. According to Microsoft’s assessment, even though this may be used to spread malware, no attacks taking advantage of this threat were found.
Users are strongly advised to patch their systems as soon as possible. Trend Micro product users need not worry, however, as they are protected through Deep Security and OfficeScan with the Intrusion Defense Firewall (IDF) plug-in. For more details, visit our security advisory page.
Post from: TrendLabs | Malware Blog – by Trend Micro
64 Vulnerabilities Fixed by April Patch Tuesday
Related Posts
- April 2011 Patch Tuesday
Once again, this day of every month is the scheduled release of updates from Microsoft. April 2011 Patch Tuesday from Microsoft contains 17 security bulletins (covering 64 vulnerabilities) 9 of the is... - Two Recent Zero-Day Bugs Fixed by February Patch Tuesday
The two recent zero-day vulnerabilities in Internet Explorer and the Graphics Rendering Engine found in late December and in early January, respectively, have been addressed by today’s Patch Tuesday ... - February Patch Tuesday: three 0-days fixed
After a quiet January Patch Tuesday, Microsoft will be issuing 12 updates fixing 22 vulnerabilities for February's Patch Tuesday. These patches will update Windows, Internet Exp... - January Patch Tuesday Fixes Three Vulnerabilities
After being battered by a record Patch Tuesday last month, January may come as a relief to system administrators everywhere. This month’s patch cycle includes two bulletins—one rated “im... - Largest-Ever Patch Tuesday Fixes 49 Vulnerabilities
Microsoft fixed a record number of vulnerabilities in its October Patch Tuesday. The company issued 16 bulletins to patch 49 separate vulnerabilities. All versions of Windows from Windows XP up to th... - September Patch Tuesday Resolves 11 Vulnerabilities
Patch Tuesday has arrived, bringing with it the monthly crop of Microsoft security patches. September has a total of nine bulletins, fixing a total of 11 vulnerabilities, all but one of which affects... - Microsoft Patch Tuesday for April 2010: 11 bulletins
According to the Microsoft Security Response Center, Microsoft will issue 11 Security Bulletins addressing 25 vulnerabilities on Tuesday. It will also host a webcast to addres... - Blog: April Patch Tuesday Adobe and Microsoft
Aprils Patches Adobe and Microsoft
View full post on Securelist / All Updates... - Many Updates on Patch Tuesday
Just as announced Friday last week, Microsoft released 17 security bulletins and according updates, fixing overall more than 60 security vulnerabilities in Windows, Internet Explorer, Office and the D... - Denial of Service vulnerabilities back in the spotlight – patch BIND now!
Until recently, only remote code execution vulnerabilities have made the mainstream news.
These are the bug strains which may let an attacker get into your computer if you do nothing more than simply ...
Posted on 13 April 2011. Tags: April, Fixed..., Patch, Tuesday, Vulnerabilities
The above information is reprinted from and copyrighted © by Trend Micro.
