Microsoft patches 4 zero-day vulnerabilities in major Patch Tuesday event

Microsoft patches 4 zero-day vulnerabilities in major Patch Tuesday event

Summary: [UPDATED] 24 vulnerabilities in total are patched in today's round of updates, but four of them are already being exploited in the wild.

SHARE:
TOPICS: Security, Microsoft
13
thumb-microsoftpatch

Today Microsoft released 11 security bulletins fixing 24 vulnerabilities in Windows, Windows Server, Exchange Server, Microsoft SharePoint Server, Office Web Apps, Lync, ASP.NET SignalR, and Visual Studio Team Foundation Server 2013. Five of the bulletins address at least one vulnerability rated Critical. Another recently-reported zero-day was not fixed.

Microsoft says that four of the bulletins (MS13-096, MS13-098, MS13-104 and MS13-106) contain a vulnerability which is being exploited in the wild. Of particular concern is MS13-098 which could undermine code signing, one of the more important fundamental protections available today.

Microsoft also released many non-security updates today.

Topics: Security, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • A non-article - nothing new here..

    n/t
    The Central Scrutinizer
    • Nobody likes self-congratulatory know-it-alls

      I found it a useful synopsis of of todays patch list.
      No more, no less.
      Perfect.
      Steve__Jobs
  • Good article, Larry

    I found it very useful. Thanks.
    Àvatar
  • Re: MS13-097: Cumulative Security Update for Internet Explorer (2898785)...

    "Seven vulnerabilities, five of them rated critical"

    So what of those of us that use Internet Banking. Do we have to wait for less critical updates to be issued along with those Critical relating to Internet Explorer.

    In using this Patch Tuesday approach the user in such circumstances is more likely to have their personal details compromised.

    ITS WRONG.
    5735guy
    • I got sick and tired of Windows viruses

      After getting hit by a morphing virus I switched to a revolutionary highly polished Linux OS that runs Windows inside it 100% virus free. It's called Robolinux. Check it out. I absolutely love it.
      Luke-IT
      • Go Away

        Spammers should all be removed
        gr1f
      • Viruses

        I don't remember getting a virus ... since my days with XP.
        Michael Alan Goff
  • It's like a minefield.

    Everybody gets real happy when another mine is found. It's a MINEFIELD, there are more and they can cause damage. Stop feeling so happy because one was found. Feel happy when there are no more or maybe all the "booms" have made you deaf.
    trm1945
  • Is anyone else noticing a growth in the number of "zero day" bugs?

    It looks like "The Bad Guys" have grabbed the initiative, and aren't waiting to reverse MS patches any more. Or maybe they always have been, and we're only just starting to notice?
    Zogg
    • Windows

      Hmmmm! You still don't think they want us to upgrade from Windows XP to Windows 8.1 ? ;)
      jsargent
      • Except that at least some of these vulnerabilities also affect Windows 8.x

        So "no", your suggestion does not make sense.
        Zogg
  • nothing new but microsoft always gets the news.

    Well if you think that is alot. See this. http://msisac.cisecurity.org/advisories/2013/2013-100.cfm

    So I am not sure why MS always get the news because they are more popular? or people are jealous?
    dotcypher
    • Popularity is probably the biggest one

      I think a big part of these is that a lot more people use Windows, and this is something that will affect people more than what may happen with Macs. A lot of people on both platforms may not be aware of the risk of a given bug, but one that potentially affects 30% (or however much of the market is still on XP) of the market will have a bigger impact than one that could affect 5% of the market.
      Third of Five