Microsoft is to fix faults with its Office productivity suite, as well as Forefront Unified Gateway, in next week’s Patch Tuesday update.
November’s Patch Tuesday release is much smaller than the 16-bulletin, 49 vulnerability-strong update released last month. This time, there are just three bulletins, two of which are rated “Important” and a third is rated “Critical.”
The critical bulletin affects a number of versions of Microsoft Office, including Office 2007 Service Pack 2 and Office 2010, and is targeted at thwarting the threat of remote code execution. One of two bulletins rated Important impacts Office as well, while the remaining bulletin is aimed at (UAG).
“It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted,” Microsoft said in advisory. “In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. At this time, we are aware of targeted attacks attempting to use this vulnerability.”
Once the investigation into the IE bug is complete, Microsoft “will take the appropriate action to protect [its] customers,” the company said.
Apple fined 150m euros over App Tracking Transparency feature that it says abuses Apple's market…
OpenAI to release customisable open-weight model in coming months as it faces pressure from open-source…
Samsung's Bespoke AI-powered fridge monitors food to create shopping lists, displays TikTok videos, locates misplaced…
Huawei sees 38 percent jump in consumer revenues as its smartphone comeback continues to gather…
In world-first, China approves commercial flights for EHang autonomous passenger drone, paving way for imminent…
Microsoft closes down IoT and AI lab it operated in Shanghai tech district in latest…
