Two updates in Microsoft's November's patch release

Just two updates released by Microsoft this month: one rated critical, one important.

Microsoft has issued two updates in the November round of its monthly patch release cycle, one of them rated 'critical'.

The critical update addresses vulnerabilities in Microsoft XML Core Services which could be exploited to create a web page that would cause the Internet Explorer browser to execute malicious code. There are currently no known exploits for this vulnerability in the wild, although Microsoft's 'Exploitability index' assigns the vulnerability a rating that indicates that consistent exploit code is likely to be created.

The update assigned the slightly less severe rating of 'important' addresses a publicly disclosed vulnerability in Microsoft Server Message Block (SMB) Protocol which, again, could be exploited to allow an attacker to execute code remotely.

As always, users are advised to ensure they install updates as soon as possible to optimise security. More details on the release are here.

12 November 2008

Tags: exploit, microsoft, patch tuesday, update, vulnerability. del.icio.us digg this