Microsoft near to patching 100 critical vulnerabilities this year!
Wednesday October 11, 2006 at 2:34 am CST
Posted by Monty Ijzerman
Today Microsoft patched 26 vulnerabilities, a record high since their monthly patch cycle started. Among the patched vulnerabilities are the 0-Day vulnerabilities in Word and PowerPoint that have been used in targeted attacks against large enterprises. The vulnerability in the WebViewFolderIcon ActiveX object that allows for Internet Explorer drive-by-install and drive-by-download attacks, has been patched as well. None of today's patched vulnerabilities has been tagged as a worm candidate.
The anticipated remediation of the vulnerability in the DirectAnimation.PathControl ActiveX object in Internet Explorer did not see the light yet.
The update of our graphs of last month is found below. The graphs show that Microsoft has continued the trend of patching a large number of critical vulnerabilities each month.
November 16th, 2006 at 07:17
[...] Trackback This month, Microsoft has patched 13 vulnerabilities. Among them is one that can be used to create a worm targeting Windows 2000 systems. The MS06-070 Workstation Service vulnerability can be remotely exploited without user interaction. On Windows 2000, no authentication is needed when sending traffic to this service. Details on this vulnerability have been published. The vulnerabilities in Internet Explorer DirectAnimation.PathControl AxtiveX object and in XML Core Service, both exploited in the wild, have been addressed in this month’s patch cycle. The update of our graphs of last month is found below. The graphs show that Microsoft is continuing the trend of patching a large number of critical vulnerabilities each month. [...]