November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability-3 Next

Second on your list of priorities is MS13-089, which addresses a vulnerability in Windows Graphics Device Interface (GDI) that could allow a remote code execution in all versions of Windows. We have seen this type of issue before. In previous related GDI issues, the vulnerability was caused by improper parsing of TrueType fonts (TTF) in shared content. The vulnerability could be exploited if an attacker crafts a malicious file or website and convinces a user to download the file or open an attachment. The attacker would receive the same level of privilege as the running application that was using the GDI interface.

This November Patch Tuesday will be a busy one for IT, especially for the many organizations that use IE. Eight bulletins, three rated critical, were released by Microsoft. This slideshow features a rundown of the November updates, provided by Paul Henry, security and forensic expert at Lumension.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.