Microsoft to fix 34 holes in Windows, Office, IE

[InfoSec News <alerts () infosecnews org>]

http://news.cnet.com/8301-27080_3-20006781-245.html

By Elinor Mills
InSecurity Complex
CNet News
June 3, 2010

Microsoft will on Tuesday issue 10 bulletins fixing 34 vulnerabilities 
affecting Windows, Office, and Internet Explorer.

Six of the bulletins affect Windows, with two of those rated critical by 
Microsoft. Two bulletins target Office, one targets both Windows and 
Office, and one critical bulletin affects Internet Explorer, according 
to a Microsoft Security Response Center blog post on Thursday.

Microsoft also said that with the June bulletins it will be closing 
Security Advisory 983438, which involves a vulnerability in SharePoint 
Services 3.0 and SharePoint Server 2007 that was disclosed in late April 
and which could lead to a cross-site scripting attack via the browser. 
Proof-of-concept exploit code has been published for that.

The bulletins also address Security Advisory 980088, which involves a 
hole in IE that could allow information disclosure for users running the 
browser on Windows XP. It was disclosed in February.

[...]


_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/