Microsoft is to fix faults with its Office productivity suite, as well as Forefront Unified Gateway, in next week’s Patch Tuesday update.
November’s Patch Tuesday release is much smaller than the 16-bulletin, 49 vulnerability-strong update released last month. This time, there are just three bulletins, two of which are rated “Important” and a third is rated “Critical.”
The critical bulletin affects a number of versions of Microsoft Office, including Office 2007 Service Pack 2 and Office 2010, and is targeted at thwarting the threat of remote code execution. One of two bulletins rated Important impacts Office as well, while the remaining bulletin is aimed at (UAG).
“It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted,” Microsoft said in advisory. “In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. At this time, we are aware of targeted attacks attempting to use this vulnerability.”
Once the investigation into the IE bug is complete, Microsoft “will take the appropriate action to protect [its] customers,” the company said.
Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…
Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…
OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…
New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…
US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…
Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…