Microsoft Patch Tuesday To Bring Zero-Day Vulnerability Fix And Other Critical Updates
The first Bulletin addresses a zero-day vulnerability affecting IE versions 9 and 10, along with other security fixes for IE versions 6 through 11. This one is deemed Critical because of the zero-day exploit identified by FireEye last month, which was used to infect the U.S. Veterans of Foreign Wars website and other government portals.
Bulletin number 2 is also Critical -- it affects almost all versions of Windows from XP through 8.1 and, if left unpatched, would allow an attacker to take control of a PC remotely.
The remaining Bulletins -- 3 through 5 -- are all labeled as Important, the first two of which require a restart. One of them deals with an Elevation of Privilege exploit found in Windows, and the other two address Security Feature Bypass vulnerabilities present in Windows and Silverlight.