November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next November Patch Tuesday Addresses IE But Leaves Out Microsoft Word Vulnerability-3 Next

Second on your list of priorities is MS13-089, which addresses a vulnerability in Windows Graphics Device Interface (GDI) that could allow a remote code execution in all versions of Windows. We have seen this type of issue before. In previous related GDI issues, the vulnerability was caused by improper parsing of TrueType fonts (TTF) in shared content. The vulnerability could be exploited if an attacker crafts a malicious file or website and convinces a user to download the file or open an attachment. The attacker would receive the same level of privilege as the running application that was using the GDI interface.

This November Patch Tuesday will be a busy one for IT, especially for the many organizations that use IE. Eight bulletins, three rated critical, were released by Microsoft. This slideshow features a rundown of the November updates, provided by Paul Henry, security and forensic expert at Lumension.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.