Microsoft has released its regular “Patch Tuesday” bundle of security patches for Windows and its other software, protecting against a number of critical vulnerabilities.
Some of the security holes are classified as “critical”, meaning that malware or malicious hackers could exploit them to compromise a computer without any interaction by the user.
The most serious fix of the bunch is the MS13-059 cumulative patch for Internet Explorer.
The most severe vulnerabilities that this update fixes relate to remote code execution flaws that are present in all versions of Internet Explorer. Yes, Internet Explorer 6, 7, 8, 9, and 10 on Windows XP, Vista, Windows 7, Windows 8, Windows RT and Server 2003, 2008, 2008 R2 and 2012, are all at risk.
It’s extremely important that computer users apply this and the other security patches as quickly possible before criminals take advantage of the flaws to attack systems. It wouldn’t be a surprise at all to see malicious hackers taking advantage of this vulnerability in the near future, so time is of the essence.
Other security holes addresses in Microsoft’s Patch Tuesday include fixes (MS13-060) for a flaw in older versions of Windows that could result in malicious code being run on a victim’s computer, simply from them visiting a boobytrapped webpage containing a poisoned embedded font.
Microsoft’s summary of all of the flaws addressed by this month’s security patches can be found here.
You can ensure that your computer is protected with these and the other Patch Tuesday fixes by ensuring that you have automatic updates enabled on your PC, or by visiting Windows Update.
Don’t delay – patch your systems now.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
One comment on “Over 20 security holes found in Windows, IE and other software. Patch now”
Interestingly, even Win 8.1/IE11 had 5 patches.