Microsoft Releases Patches for Office, Windows

This month's Patch Tuesday was a light one for Microsoft. The company released three security bulletins.

Microsoft's Patch Tuesday is a relatively minor one, with a single bulletin rated "critical" and two "important." Affected software includes applications within Windows and Office.

The MS11-015 update, rated "Critical," patches vulnerabilities in DirectShow, Windows Media Player and Windows Media Center. In order for an outside entity to exploit said vulnerabilities, the user would need to open a specially crafted Microsoft Digital Video Recording (DVR-MS) file.

"The lone critical issue this month -- the DVR-MS vulnerability -- will be somewhat trivial for attackers to exploit," Joshua Talbot, security intelligence manager for Symantec Security Response, wrote in a March 8 e-mail. "It also allows attackers to skip a few of the traditional steps needed to get malicious code to execute on a targeted computer. This is because when processing DVR-MS files, Windows Media Player and Media Center use data in these files themselves to determine what code in memory gets executed."

This article was originally published on 03-08-2011
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.