Yet more flaws patched by MS

Microsoft has released four security updates for ten vulnerabilities in its Office and Windows software, but did not release patches for the Word ‘zero-day' exploits.

  • E-Mail
By  Published  January 18, 2007

Microsoft has released four security updates for ten vulnerabilities in its Office and Windows software, but did not release patches for the Word ‘zero-day' exploits.

In its latest monthly update, the software giant issued three patches for its Office software and one for its Windows operating system (OS).

Three of the patches released last week, affecting Office and Windows, were deemed ‘critical' by Microsoft while the other, which affected Office, was granted the lesser rating of ‘important'.

Both Windows and Mac versions of Office are affected by the vulnerabilities, which could lead to a PC being taken over by a hacker.

Nine of the vulnerabilities patched were in Office applications with five affecting Excel and three affecting Outlook.

Some of the worst vulnerabilities, including a zero-day vulnerability and a calendar vulnerability in Outlook and a flaw in Window's vector markup language (VML), have been patched by the update, but other known vulnerabilities are still exposed following the release, which was sent automatically to subscribers of Microsoft's updates.

Security firms said they had been expecting patches to fix the widely publicised ‘zero-day' exploits in Windows that were circulating at the end of last year.

Microsoft was in fact expected to release a further four security patches in its January update but delayed four of the updates at the last minute, giving no reason.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code