Today is Patch Tuesday, and Microsoft has released a slew of fixes to security vulnerabilities. A total of 57 security issues were dealt with this time around, all of which were pushed out through 12 different updates, five of which were critical. The updates were applied to a range of Microsoft products, including Windows and Internet Explorer.
One of the most important patches pushed through is for Internet Explorer, addressing a vulnerability with an ActiveX DLL. This vulnerability is being actively exploited in the wild, and so it has been bestowed with the Critical rating. For this reason, users should install the Internet Explorer updates as soon as possible to avoid possible attack via the vulnerability.
Another critical update has to do with Windows' Object Linking and Embedding Automation, which is also subject to exploitation without the updates. Says Microsoft, this vulnerability puts servers and workstations most at risk, especially if those workstations allow multiple user logins that have authorization to run programs.
Other critical updates concern Windows itself and Exchange Server. Exchange Sever has several issues addressed with the updates, one vulnerability of which has to do with the product's WebReady Document Viewing. The Windows issue being addressed, meanwhile, concerns an issue with DirectShow that leaves the system open to attack.