Microsoft Releases Patches for Office, Windows

CIO Insight Staff Avatar

Updated on:

Microsoft’s Patch Tuesday is a relatively minor one, with a single bulletin

rated “critical” and two “important.” Affected software

includes applications within Windows and Office.

The

MS11-015 update, rated “Critical,” patches vulnerabilities in

DirectShow, Windows Media Player and Windows

Media Center.

In order for an outside entity to exploit said vulnerabilities, the user would

need to open a specially crafted Microsoft Digital Video Recording (DVR-MS)

file.

“The lone critical issue this month — the DVR-MS vulnerability — will be

somewhat trivial for attackers to exploit,” Joshua Talbot, security

intelligence manager for Symantec Security Response, wrote in a March 8 e-mail.

“It also allows attackers to skip a few of the traditional steps needed to

get malicious code to execute on a targeted computer. This is because when

processing DVR-MS files, Windows Media Player and Media

Center use data in these files

themselves to determine what code in memory gets executed.”

For more, read the eWEEK article: Microsoft Patches Windows, Office Vulnerabilities.

CIO Insight Staff Avatar