Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft wraps year with big security update

By

Microsoft is giving its customers a reassuring present for the holidays: a substantial security update that addresses 40 vulnerabilities across 17 bulletins in Microsoft Windows, Office, and Internet Explorer, along with server-based systems like SharePoint Server and Exchange. Among the fixes are five critical and two moderate patches for all versions of Internet Explorer, including a fix for a bug that could enable attackers to execute arbitrary code using invalid flag references in Cascading Style Sheets (CSS) used to specify how Web pages should be displayed.

The update also fixes a critical problem with Windows’ OpenType Font driver and patches the last known vulnerability being exploited by the infamous Stuxnet malware.

Recommended Videos

Microsoft first warned users about the CSS vulnerability in Internet Explorer in early November; although the problem applies to Internet Explorer 6, 7, and 8, Microsoft says IE6 and IE7 users saw the most impact. Other security fixes in Internet Explorer fix holes taht could enable attackers to take over a computer when a user simply loads a malicious Web site. Although the CSS vulnerability has been used in the wild, Microsoft says it’s not aware of any real world attacks that exploited the other vulnerabilities. Similarly, Microsoft does not know of any cases where the OpenType vulnerability was exploited.

Related

The sizable security updates follows a comparatively sedate November, which consisted of only three patches. Security experts are concerned that with both consumers and businesses distracted by the end-of-year holidays, they may defer installing Microsoft’s latest round of patches—which not only fixes more problems, but addresses at least one major vulnerability that is out there in the wild.

Editors' Recommendations

Topics
Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Microsoft is setting the stage for the biggest update to Windows in years
windows 10 getting parallax 3d lock screen

In a Windows Hardware Certification blog post, Microsoft has finally acknowledged this year's first major Windows 10 update, currently code-named 21H1 and scheduled for release later this spring.

Though the Windows Insider team (which releases beta versions of Windows) hasn't yet talked about 21H1, the Hardware Certification blog post suggests that Microsoft will indeed stick to its now three-year-long tradition of releasing two major Windows 10 updates per year.

Read more
The U.S. government issues warning to install this emergency Windows update
microsoft issues emergency windows patch internet explorer 6 768x768

Google Chrome and Firefox might be the most popular web browsers, but a small percentage of Windows users are still depending on Microsoft's older Internet Explorer browser. If that covers you, then Microsoft is now urging you to install an emergency patch as soon as possible in order to avoid possible malicious attacks from hackers.

This latest patch corrects an issue with Internet Explorer 9 and 11 in Windows 7, 8.1, and Windows 10 and also Windows Server. Before the patch, hackers could have directed Internet Explorer users to a malicious website, which is able to exploit the scripting engine of the browser. This would have allowed hackers to execute their own code, and eventually, take full control of a victim's PC.

Read more
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more