KitGuru KitGuru.net – Tech News | Hardware News | Hardware Reviews | IOS | Mobile | Gaming | Graphics Cards
Microsoft had a relatively easy March, having just three bulletins fixing four vulnerabilities. April is a different story, with 17 bulletins being issued, with 64 different vulnerability fixes.
This ties with the ‘most bulletins' since December 2010 and takes the top position for the number of flaws fixed.
Nine bulletins in the list are marked as ‘critical' with all of them carrying a risk of remote code execution. The remaining eight are flagged as important, six of these enable remote code execution, one allows privilege escalation and the remaining one can lead to information disclosure. Seven of the bulletins have forced restarts and the rest of them are possible.
There are patches for Internet Explorer, Office and Windows itself. This time there are patches for other software such as Office Web Apps and Visual Studio. Internet Explorer 9 is immune to the flaws which are affecting V6, V7 and V8. These are being patched next week.
Microsoft have also said that the patches are fixing a MHTML flaw which was discussed in January and an SMB flaw disclosed in February. The full list will be announced by Microsoft next week, but this is what we have so far.
| # | Rating | Impact | Affected software |
|---|---|---|---|
| 1 | Critical | Remote Code Execution | Internet Explorer 6/7/8, Windows XP/2003/Vista/7/2008 R2 |
| 2 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 3 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 4 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 5 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 6 | Critical | Remote Code Execution | Office XP, Windows XP/2003/Vista/2008 |
| 7 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 8 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 9 | Critical | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 10 | Important | Remote Code Execution | Excel 2002 (Office XP)/2003/2007/2010, Office for Mac 2004/2008/2011, Excel Viewer, OpenXML File Format Converter for Mac, Office Compatibility Pack |
| 11 | Important | Remote Code Execution | PowerPoint Web App, PowerPoint 2002 (Office XP)/2003/2007/2010, Office for Mac 2004/2008/2011, PowerPoint Viewer, PowerPoint Viewer 2007, OpenXML File Format Converter for Mac, Office Compatibility Pack |
| 12 | Important | Remote Code Execution | Office XP/2003/2007, Office for Mac 2004/2008, OpenXML File Format Converter for Mac |
| 13 | Important | Remote Code Execution | Windows XP/2003/Vista/2008/7/2008 R2 |
| 14 | Important | Remote Code Execution | Visual Studio .NET 2003/2005/2008/2010, Visual C++ Redistributable 2005/2008/2010 |
| 15 | Important | Information Disclosure | Windows XP/2003/Vista/2008/7/2008 R2 |
| 16 | Important | Remote Code Execution | Windows XP/2003 |
| 17 | Important | Elevation of Privilege | Windows XP/2003/Vista/2008/7/2008 R2 |
wow this is a big one. its hard to believe they can still find so many bugs and fixes in this on such a regular basis.