Security Hero Rotating Header Image

Microsoft, Oracle issue patches for slew of holes

Microsoft, Oracle issue patches for slew of holes

Microsoft Corp. last week released eight security updates that patch 23 vulnerabilities in Windows, Internet Explorer, Excel and other software products in the company’s portfolio.

Analysts noted that even more dangerous than the unusually large number of patches is the fact that nearly half of them fix flaws that have already been or can be exploited by hackers.

“What really caught our eye is the large number of exploits that are already available,” said Wolfgang Kandek, chief technology officer at Qualys Inc., a provider of on-demand security tools. “Out of the 23, there are 10 exploits or [flaws] that have proof of concept.”

“You could call this a spring cleaning,” said Eric Schultze, CTO at Shavlik Technologies LLC, a network security vendor. “Microsoft jumped on a couple of zero-days, including Excel from February and WordPad from last December. It’s nice to see those taken care of.”

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=30952

Leave a Reply

Your email address will not be published. Required fields are marked *