Microsoft has issued an advanced notification to fix several security vulnerabilities in windows operating system, Internet explorer web-browser, Office and the .NET framework.
The Security bulletins for this month patch Tuesday are intended to eliminate 57 vulnerabilities in Microsoft products. Five of the twelve critical bulletins fix vulnerabilities that could allow an attacker to remotely execute arbitrary code on vulnerable systems.
One of the bulletins for vulnerabilities in Windows XP, 2003 and Vista, two – critical flaws in IE, and one more – includes updates for Microsoft Exchange, which uses a vulnerable Outside In library from Oracle. The next bulletin applies only to Windows XP operating system.
While remaining seven notifications from Microsoft ranked as important, and the vulnerabilities that they fix basically can escalate privileges on targeted system, except for the gap in SharePoint which allows for code injection.
If you are using Microsoft based system make sure to review next patch Tuesday advance notification to prepare your infrastructure and plan how you will patch and restart affected software’s.