SOFTWARE HOUSES Microsoft and Adobe released a bonanza of patches this month, fixing flaws in popular software like Internet Explorer and Excel as well as the notorious attack vectors Reader and Flash.
Microsoft released what's believed to be the second largest patch bundle in 2011, fixing 34 vulnerabilities in 16 bulletins. Nine of the bulletins were rated 'critical', its maximum severity rating, while seven were considered 'important'.
One bulletin, MS11-050 fixed 11 privately disclosed flaws in Internet Explorer, some of which could have led to an attacker remotely taking over a computer. Another, MS11-052, fixed VML, a markup language of the web browser.
Wolfgang Kandek, CTO of security firm Qualys said, "Browser and plug-in vulnerabilities together have been the point of entry for many recent security incidents and are the main infection vector for mass malware such as Zeus and SpyEye."
At the same time, Adobe also released a flood of patches for its hugely popular software products Flash Player, Shockwave, Reader and Acrobat. As Sophos noted, the critical Flash patch has come only nine days after the last fix and patches a vulnerability that has already been exploited in the wild.
Shockwave for Windows and Mac needed fixes for a massive 24 vulnerabilities, while Adobe fixed 13 flaws in Acrobat and Reader, which the firm pre-briefed about last week. The firm also revealed that the update of Acrobat 10.1 includes a sandbox mode that is already available in Reader X. µ
Read more: http://www.theinquirer.net/inquirer/news/2079030/mega-patch-day-passes-microsoft-adobe#ixzz1PLhnf4QG
The Inquirer - Computer hardware news and downloads. Visit the download store today.