Just two updates released by Microsoft this month: one rated critical, one important.
Microsoft
has issued two updates in the November round of its monthly patch release cycle, one of them rated ‘critical’.
The critical update addresses vulnerabilities in
Microsoft XML Core Services
which could be exploited to create a web page that would cause the
Internet Explorer
browser to execute malicious code. There are currently no known exploits for this vulnerability in the wild, although
Microsoft
‘s ‘Exploitability index’ assigns the vulnerability a rating that indicates that consistent exploit code is likely to be created.
The update assigned the slightly less severe rating of ‘important’ addresses a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol which, again, could be exploited to allow an attacker to execute code remotely.
As always, users are advised to ensure they install updates as soon as possible to optimise security. More details on the release are
here
.
Posted on 12 November 2008 by
Virus Bulletin
Leave a Reply