Microsoft patches 4 zero-day vulnerabilities in major Patch Tuesday event

[UPDATED] 24 vulnerabilities in total are patched in today's round of updates, but four of them are already being exploited in the wild.
Written by Larry Seltzer, Contributor

Today Microsoft released 11 security bulletins fixing 24 vulnerabilities in Windows, Windows Server, Exchange Server, Microsoft SharePoint Server, Office Web Apps, Lync, ASP.NET SignalR, and Visual Studio Team Foundation Server 2013. Five of the bulletins address at least one vulnerability rated Critical. Another recently-reported zero-day was not fixed.

Microsoft says that four of the bulletins (MS13-096, MS13-098, MS13-104 and MS13-106) contain a vulnerability which is being exploited in the wild. Of particular concern is MS13-098 which could undermine code signing, one of the more important fundamental protections available today.

Microsoft also released many non-security updates today.

Editorial standards