7 New Year Fixes
Like our weak winter weather, 2012 is starting out mild on the patch front. Microsoft kicked out seven patches this week -- and only one is critical. While we expect critical fixes for Windows and IE, this time around the problem is with Media Player -- two problems, actually. Both of which allow remote code execution exploits. The exploits work by tricking a user into downloading malicious media content.
This month also hosted a brand new category of exploit, the Security Features Bypass. As indicated, these exploits simply bypass security features, such as .NET's and C++'s SafeSEH tool.
Other fixes involve SSL 3.0 and Microsoft's Anti-Cross Site Scripting (AntiXSS) Library.
Posted by Doug Barney on 01/11/2012 at 1:18 PM