The Hacker News Logo
Subscribe to Newsletter

Microsoft Patch Tuesday - 8 Security Updates, 4 critical vulnerabilities, including Internet Explorer zero-day

October is turning out to be a busy month for patches. This month also marks the 10-year anniversary of the Patch Tuesday program, which Microsoft started in October of 2003.

Scheduled for tomorrow, Microsoft has announced that they will release eight security updates including four critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer (IE), Microsoft Office and its other products.

Bulletin 1 is almost certainly to a zero-day vulnerability CVE-2013-3893 that has been actively exploited by hackers in targeted attacks. Though Microsoft issued a temporary "Fix it" in September for the vulnerability,

Bulletins 2, 3 and 4 address vulnerabilities in a wide range of Microsoft products, including Windows XP, 7 and 8, and Windows Server 2003, 2008 and 2012.

Bulletins 5, 6 and 7 address vulnerabilities that could allow for remote code executionBulletin 8 addresses an information disclosure vulnerability in SIlverlight and is the least urgent of the eight patches.

Microsoft's pre-release notice provides more details of the affected software packages.

Adobe will also be releasing updates on Tuesday for Reader XI and Acrobat XI for Windows. Both are rated 2, which means it's a critical vulnerability, but not known to be in use.



Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.