Microsoft patches 4 zero-day vulnerabilities in major Patch Tuesday event

Summary:[UPDATED] 24 vulnerabilities in total are patched in today's round of updates, but four of them are already being exploited in the wild.


Today Microsoft released 11 security bulletins fixing 24 vulnerabilities in Windows, Windows Server, Exchange Server, Microsoft SharePoint Server, Office Web Apps, Lync, ASP.NET SignalR, and Visual Studio Team Foundation Server 2013. Five of the bulletins address at least one vulnerability rated Critical.  Another recently-reported zero-day  was not fixed.

Microsoft says that four of the bulletins (MS13-096, MS13-098, MS13-104 and MS13-106) contain a vulnerability which is being exploited in the wild. Of particular concern is MS13-098 which could undermine code signing, one of the more important fundamental protections available today.

Microsoft also released many non-security updates today.

Topics: Security, Microsoft


Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.