Patch Tuesday roundup and new Exploitability Index addedOn Tuesday Microsoft released its monthly updates. This month saw 11 updates as well as a new way of rating them.Microsoft calls it the “Exploitability Index” and has been added as a new table in the monthly security bulletin. “The new rating scheme is designed to show more information which, aids customers in their risk management process” According to Steve Acerbate via the Microsoft Security Response Centre blog.Out of the 11 patches this month 4 of them are rated the most severe “Critical” level. The deal with issues in Internet Explorer, Active Directory, Host Integration Server's Remote Procedure Call Service and Office Excel.Internet Explorer bulletin deals with five issues that can be exploited if a user views a malicious Web page. The Excel bulletin fixes three vulnerabilities, including a formula parsing issue that is also considered a likely candidate for exploit code. The Host Integration Server vulnerability was declared likely to be exploited as well, and affects versions 2000, 2004 and 2006.Six of the remaining bulletins were rated important, and address issues in the Microsoft Ancillary Function Driver, the Windows Kernel, Microsoft Server Message Block Protocol, Virtual Address Descriptor, Message Queuing and the Windows Internet Printing Service.The final bulletin is rated "moderate" and fixes vulnerability in Microsoft Office that could lead to data disclosure. Read full story...
http://feedproxy.google.com/~r/neowin-main/~3/ajSd4B4N05c/patch-tuesday-roundup-and-new-exploitability-index-added
