Patch Tuesday for October 2012 | by nakedsecurity.sophos.com


nakedsecurity.sophos.com
by Chester Wisniewski

Microsoft released seven bulletins this morning as part of its monthly patch program. Fortunately only one of the bulletins was rated critical, the remaining six received an important rating.
Patch Tuesday for October 2012

Two vulnerabilities are fixed in MS12-064, this months only critical bulletin. The flaws affect users of Microsoft Word and Word Viewer for Windows and can lead to remote code execution (RCE) if a victim were to open a booby-trapped document.

MS12-065 addresses an RCE vulnerability in Microsoft Works 9 and MS12-066 fixes an elevation of privilege (EoP) flaw in Microsoft Infopath, Sharepoint, Groove, Communicator and Lync. Leer más “Patch Tuesday for October 2012 | by nakedsecurity.sophos.com”