It’s Patch Tuesday
folks, and Microsoft
has issued its monthly slew of updates. It’s more or less good news, as there are just four this time around, and none are labelled as “critical”--all four are merely “important”.
Bulletin 1 is a remote code execution vulnerability that affects all versions of Microsoft Office
(2003 and up), Web Apps, and SharePoint Server 2010 Service Pack 1 and later. Bulletin 2 is aimed at solving a problem with a PDF exploit in targeted attacks that Microsoft first addressed in Security Advisory (2914486) which allowed for an elevation of privilege in a kernel component of Windows
XP and Windows Server 2003. Newer versions of the OS are unaffected.
Bulletin 3 is also an elevation of privilege issue that affects Windows operating systems, although it only affects Windows 7 and Windows Server 2008 R2, while Bulletin 4 addresses a denial of service vulnerability for Microsoft Dynamics AX, which is Microsoft’s enterprise resource planning software.