Microsoft Fixes Zero-Day Bug in July Patch Tuesday2012-07-11 08:06 by Daniela
Tags: Microsoft, Patch Tuesday
Microsoft released patches for 16 security vulnerabilities yesterday, including a bug affecting Microsoft XML Core Services that is being exploited in the wild. Three of the nine bulletins are rated "critical."
The zero-day vulnerability in Microsoft Core XML MS12-043 disclosed in early June was actively being exploited in the wild. The latest security update only fixed the heap overflow issue in MSXML versions 3, 4, and 6. Organizations running version 5, which corresponds to Office 2003 and 2007, should make sure to apply the interim FixIt measures until a future update is available. The other two critical vulnerabilities have not yet been exploited, but Microsoft predicted reliable exploit code may be available within 30 days.
The update also included a critical patch for Internet Explorer 9, the latest version of Microsoft's popular browser. The IE9 bulletin, MS12-044, swats two security bugs that can be exploited to remotely execute code.
Read more -here-