Microsoft releases monthly security updates

Microsoft released software security patches Tuesday, fixing some nasty browser and mail server flaws as well as a bug in SQL Server that was publicly disclosed in December.

The company released four updates, including critical fixes for Exchange and Internet Explorer. Two other updates, for SQL Server and Visio, were rated “important,” meaning it would be a little harder for hackers to exploit the bugs they fix.

The Exchange patch is considered the most important, according to security vendor TippingPoint. Without the patch, hackers could shut down or possibly even take control of an Exchange e-mail server by sending a specially written e-mail attachment. “A compromised e-mail server, in addition to snooping corporate secrets, can be used as a launch pad for attacks against other servers in the enterprise,” TippingPoint said in a statement.

The critical update for Internet Explorer fixes two vulnerabilities in the browser that could be exploited by hackers to run unauthorized software on a victim’s computer. For this attack to work, the victim would have to be tricked into visiting a maliciously crafted Web page. Although no attacks have yet been reported exploiting these bugs, Microsoft believes that now that the patches are out, it will be easy for attackers to work up a reliable attack.

More Article Click

Name (required)

Mail (will not be published) (required)

Website