November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability-3 Next

Second on your list of priorities is MS13-089, which addresses a vulnerability in Windows Graphics Device Interface (GDI) that could allow a remote code execution in all versions of Windows. We have seen this type of issue before. In previous related GDI issues, the vulnerability was caused by improper parsing of TrueType fonts (TTF) in shared content. The vulnerability could be exploited if an attacker crafts a malicious file or website and convinces a user to download the file or open an attachment. The attacker would receive the same level of privilege as the running application that was using the GDI interface.

This November Patch Tuesday will be a busy one for IT, especially for the many organizations that use IE. Eight bulletins, three rated critical, were released by Microsoft. This slideshow features a rundown of the November updates, provided by Paul Henry, security and forensic expert at Lumension.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.