Microsoft, Adobe and Oracle fix critical flaws
By Nicole Kobie,
Microsoft has issued 11 patches to fix 25 flaws across Windows, Office and Exchange as part of its monthly update cycle.
Of the 11 patches, five were rated critical, five were important, and the last was moderate.
Microsoft highlighted three - MS10-019, MS10-026, and MS10-027 - as being priorities for administrators. The first affects all versions of Windows and allows for code to be executed, while the latter pair could be triggered just by visiting a malicious web page.
Microsoft's security communications manager Jerry Bryant also warned that one of the patches is a Windows Kernel update, and therefore includes a system to check for rootkits, after the last kernel update uncovered a few infections.
"For MS10-021, and for all of our kernel updates going forward, we have included detection logic for unusual conditions or modifications to the Windows Kernel binaries," Bryant said.
"If such conditions are detected, the update will return an error to the user and fail to install," he said, adding that if that happens, admins should contact Microsoft support.
While three of the patches - including two critical ones - affect Windows 7, Bryant noted that the more recent operating systems were less likely to see security flaws and need updating than their older counterparts.
"We continue to encourage customers to upgrade to the latest operating systems to benefit from the increased security protections provided by these platforms," Bryant wrote in the Microsoft security blog.
Microsoft also updated its Malicous Software Removal Tool and closed two advisories relating to VBScript and Server Message Block, saying no attacks seemed to be taking advantage of the vulnerabilities.
Microsoft also stopped supporting the Windows Vista RTM yesterday, so users should in the very least update to SP1.
Adobe and Oracle updates
Adobe also issued 15 critical updates for Reader and Acrobat, and rolled out its new automatic updater, which will see future updates installed on users' computers within 72 hours of their release.
Oracle also unleashed its quarterly update, issuing 47 fixes including 16 for Sun following its acquisition of the firm.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Dell EqualLogic PS6100XS review
- Chromebooks: What's gone wrong?
- ICO: Fines for cookie law breakers
- UK regulator shuts down Angry Birds scam
- Open source software driving cloud-based innovation
- Fujitsu targets enterprises with Android ICS tablet
- IBM bans use of Siri on iPhones
- Dell PowerEdge R820 review
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
