Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft is prepping 16 patches to fix 34 vulnerabilities across its product line to be delivered Tuesday.
The patches will mend issues in Windows, Office, Internet Explorer, .NET Framework, SQL Server, Visual Studios, Silverlight and ISA Server.
Nine of the bulletins are rated "critical," while the remaining seven carry an "important" designation. The update touches all versions of Windows, Excel and Internet Explorer.
Two patches for Internet Explorer are among the more notable fixes. One will address an issue known as "cookiejacking," which involves an attacker accessing a cookie to steal access credentials.
Italian security researcher Rosario Valotta disclosed the vulnerability late last month and said that it could be used to steal usernames and passwords used to login to popular sites such as Facebook and Twitter.
For users to be exploited, they must be tricked into dragging an object across their screen and dropping it into an "attacker controlled HTML element," a type of clickjacking tactic sometimes employed by hackers.
But Microsoft Trustworthy Computing senior communications manager Angela Gunn played down the likelihood of exploits.
"Given the prevalence of other types of social engineering methods in use by criminals, which provide access to much more than cookies, we believe this issue poses lower risk to customers," she wrote on a blog.
Tuesday will be a busy day for IT administrators, as Adobe also is planning updates to its Reader and Acrobat products. These come as part of a quarterly release cycle.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.