Patch Tuesday: Microsoft to plug holes in Windows Defender

on

Patch Tuesday: Microsoft to plug holes in Windows Defender

Patch Tuesday: Microsoft to plug holes in Windows Defender.

Microsoft’s Patch Tuesday on 9 April will be an important spring cleaning day; the company plans to implement nine security bulletins. One of the bulletins deals with vulnerabilities in Windows Defender for Windows 8 and RT; the hole is rated as important and can be exploited to achieve elevated privileges.

The headline bulletins will be the two critical security holes, one of which affects all versions of Windows and Windows Server, and another critical vulnerability which can be found in all versions of Internet Explorer. Whether the Internet Explorer fix will be addressing the IE vulnerability revealed at the recent Pwn2Own contest is unclear though. Both critical holes allow for remote code execution.

The remaining bulletins have been rated as important and aim to close holes in Windows, Office InfoPath 2010, and Web Apps 2010 Service Pack 1, as well as in server software such as Groove Server and SharePoint. Microsoft says that most of these vulnerabilities allow attackers to elevate their privileges and launch denial-of-service attacks. The patches for Microsoft Office and for the server software will close holes that allow potential attackers to harvest data.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s