The two recent zero-day vulnerabilities in Internet Explorer and the Graphics Rendering Engine found in late December and in early January, respectively, have been addressed by today’s Patch Tuesday release.
This month’s release comprises 12 bulletins, three of which are rated “critical” while the remaining nine are rated ”important.” The other bulletins include those that address vulnerabilities in Windows Kernel, Microsoft Visio, Active Directory, and the Local Security Authority Subsystem Service (LSASS).
Despite the number of bulletins, Microsoft’s list of notable bugs to patch has yet to be cleared, as the recently found vulnerability in MHTML remains unpatched.
Although no active attacks have been found exploiting the MHTML vulnerability, applying security measures to protect systems from possible exploits is strongly recommended. Users may opt to implement the workarounds that Microsoft has provided. Trend Micro product users are already safe from being victimized by exploits leveraging this specific vulnerability through Deep Security and OfficeScan with the Intrusion Defense Firewall (IDF) plug-in.
Post from: TrendLabs | Malware Blog – by Trend Micro
Two Recent Zero-Day Bugs Fixed by February Patch Tuesday
Related Posts
- February Patch Tuesday: three 0-days fixed
After a quiet January Patch Tuesday, Microsoft will be issuing 12 updates fixing 22 vulnerabilities for February's Patch Tuesday. These patches will update Windows, Internet Exp... - Microsoft overlooks four Stuxnet zero-day bugs in Patch Tuesday (Digital Trends)
Digital Trends - Despite a larger than usual Patch Tuesday addressing 13 vulnerabilities yesterday, Microsoft appears to have left out a few vulnerabilities that the Stuxnet worm exploits. First publi... - 64 Vulnerabilities Fixed by April Patch Tuesday
Compared with last month’s three security bulletins, Microsoft released a record-breaking 17 security bulletins to address 64 publicly disclosed vulnerabilities. This month’s release inclu... - Patch Tuesday for February 2011 – Adobe and Microsoft
As expected, today Microsoft and Adobe published updates for Windows, Internet Explorer, Windows FTP service, Visio, Flash Player, Shockwave Player, Reader, Acrobat and ColdFusion.
Microsoft published... - Many Updates on Patch Tuesday
Just as announced Friday last week, Microsoft released 17 security bulletins and according updates, fixing overall more than 60 security vulnerabilities in Windows, Internet Explorer, Office and the D... - April 2011 Patch Tuesday
Once again, this day of every month is the scheduled release of updates from Microsoft. April 2011 Patch Tuesday from Microsoft contains 17 security bulletins (covering 64 vulnerabilities) 9 of the is... - Patch Tuesday
Microsoft has issued 12 security bulletins making fixes in Windows, Office and Internet explorer.
MS11-003 -- Cumulative Security Update for Internet Explorer
Critical (Remote Code Execution)
Micro... - MS Tuesday – February 2011
System administrators and security experts are focusing on Patch Tuesday every month (also known as Microsoft Black Tuesday or MS Tuesday). This time Microsoft patched many important vu... - Adobe Patch Tuesday
Adobe has issued patches to fix a number of vulnerabilities in:
-- Adobe Reader X (10.0) for Windows and Macintosh;
-- Adobe Reader 9.4.1 (and earlier) for Windows, Macintosh and UNIX
-- Adobe Acro... - SSCC47- Now with transcript! Patch Tuesday, HBGary, Nasdaq hack, RBS WorldPay hacker and Pwn2Own
Michael Argast is my guest on this weeks Chet Chat as we discuss the weeks news you can use.
I have transcribed this episode (by hand) for the hearing impaired and those of you who prefer text to aud...
Posted on 09 February 2011. Tags: Bugs, February, Fixed..., Patch, recent, Tuesday, ZeroDay
