The 'Patch Tuesday' release contains 11 bulletins for Windows, Office and Internet Explorer, six of which address vulnerabilities rated by Microsoft as 'critical'.
Three browser vulnerabilities could be exploited to allow an attacker to remotely execute code in either IE6 or IE7. A fourth flaw was rated 'critical' for IE6 but given a less severe 'important' rating for IE7.
Microsoft also patched critical vulnerabilities in the WebDAV component of Windows XP and Vista, along with critical flaws in Word for both Windows and Mac.
McAfee researcher Craig Schmugar told www.vnunet.com that the flaws covered by the monthly update highlight the perils of web-based attacks.
"Today's patches underline the need to be aware when opening files, and the risk of surfing the web unprotected," he said.
"Many of the vulnerabilities could be exploited if a Windows user simply opens a file or visits a malicious or compromised website. These are favourite attack methods among cyber-criminals."
Microsoft noted that none of the February security bulletins affects its two newest releases, Windows Vista SP1 and Windows Server 2008.
Microsoft pushes out 17 security fixes
By
Shaun Nichols
on Feb 14, 2008 7:19AM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Ingram Micro Ushers in the Age of Ultra
Kaseya Dattocon APAC 2024 is Back
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Sponsored Whitepapers
Easing the burden of Microsoft CSP management
-1.jpg&w=100&c=1&s=0)
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
.png&w=100&c=1&s=0)
