Microsoft is to fix faults with its Office productivity suite, as well as Forefront Unified Gateway, in next week’s Patch Tuesday update.
November’s Patch Tuesday release is much smaller than the 16-bulletin, 49 vulnerability-strong update released last month. This time, there are just three bulletins, two of which are rated “Important” and a third is rated “Critical.”
The critical bulletin affects a number of versions of Microsoft Office, including Office 2007 Service Pack 2 and Office 2010, and is targeted at thwarting the threat of remote code execution. One of two bulletins rated Important impacts Office as well, while the remaining bulletin is aimed at (UAG).
“It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted,” Microsoft said in advisory. “In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. At this time, we are aware of targeted attacks attempting to use this vulnerability.”
Once the investigation into the IE bug is complete, Microsoft “will take the appropriate action to protect [its] customers,” the company said.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…