The 'Patch Tuesday' release contains 11 bulletins for Windows, Office and Internet Explorer, six of which address vulnerabilities rated by Microsoft as 'critical'.
Three browser vulnerabilities could be exploited to allow an attacker to remotely execute code in either IE6 or IE7. A fourth flaw was rated 'critical' for IE6 but given a less severe 'important' rating for IE7.
Microsoft also patched critical vulnerabilities in the WebDAV component of Windows XP and Vista, along with critical flaws in Word for both Windows and Mac.
McAfee researcher Craig Schmugar told www.vnunet.com that the flaws covered by the monthly update highlight the perils of web-based attacks.
"Today's patches underline the need to be aware when opening files, and the risk of surfing the web unprotected," he said.
"Many of the vulnerabilities could be exploited if a Windows user simply opens a file or visits a malicious or compromised website. These are favourite attack methods among cyber-criminals."
Microsoft noted that none of the February security bulletins affects its two newest releases, Windows Vista SP1 and Windows Server 2008.
Microsoft pushes out 17 security fixes
By
Shaun Nichols
on Feb 14, 2008 7:19AM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
Beyond the box: How Crayon Is Redefining Distribution for the Next Era
How Expert Support Can Help Partners and SMBs Realize the Full Value of AI
.jpg&h=142&w=230&c=1&s=1)
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
Guiding customers on the uneven path to AI adoption
Sponsored Whitepapers
Cut through the SASE confusion
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
.jpg&w=100&c=1&s=0)
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
_(8).jpg&w=100&c=1&s=0)
The changing face of Australian distribution
