Microsoft patches 4 zero-day vulnerabilities in major Patch Tuesday event

[UPDATED] 24 vulnerabilities in total are patched in today's round of updates, but four of them are already being exploited in the wild.

thumb-microsoftpatch

Today Microsoft released 11 security bulletins fixing 24 vulnerabilities in Windows, Windows Server, Exchange Server, Microsoft SharePoint Server, Office Web Apps, Lync, ASP.NET SignalR, and Visual Studio Team Foundation Server 2013. Five of the bulletins address at least one vulnerability rated Critical.  Another recently-reported zero-day  was not fixed.

Microsoft says that four of the bulletins (MS13-096, MS13-098, MS13-104 and MS13-106) contain a vulnerability which is being exploited in the wild. Of particular concern is MS13-098 which could undermine code signing, one of the more important fundamental protections available today.

Microsoft also released many non-security updates today.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All