It was the first Tuesday of the month yesterday, meaning that it was once again time for Microsoft to roll out its regular collection of security updates under the familiar moniker of "Patch Tuesday".
The bundle of patches from Microsoft covers at least 23 documented vulnerabilities, and includes fixes for exploits that could be invoked in Microsoft Office, Microsoft Windows, the Microsoft .NET Framework and Microsoft Silverlight.
The worst of the Microsoft vulnerabilities have earned the highest severity level of "Critical", and require no user interaction for a malicious attacker to run code on a victim's computer.
One patch, MS12-034, is specifically aimed at fixing attack vectors which have previous been exploited by Duqu - dubbed "the son of Stuxnet", and believed to target industrial control systems.
Another vulnerability, which many companies will certainly want to patch against, is the one detailed in MS12-029. If left unpatched, the vulnerability could allow remote code execution if a user opens a boobytrapped RTF file.
As always, you can read the interpretation of SophosLabs on the seriousness of the various Microsoft vulnerabilities on the vulnerabilities page.
Remember, if you don't have auto-updating turned on, you can click the Windows Update icon on the Start Menu to download Microsoft security updates.
Separately, Adobe issued security bulletins yesterday related to Adobe Illustrator, Adobe Photoshop, Adobe Flash Professional and Adobe Shockwave Player.
Any Windows or Mac computer user who still feels it's necessary to run Adobe Shockwave Player is advised to update to the latest version (currently 11.6.5.635).
Topic: Patch now! Adobe and Microsoft push out critical security fixes (Read 1787 times)