Microsoft issues security fixes to 23 vulnerabilities

Microsoft has issued eight security fixes - two of them rated critical - for users of its Windows operating system, for its "Patch Tuesday." The latest batch of patches includes a cumulative update to Internet Explorer that addresses eight vulnerabilities in the browser, Kaspersky Labs said. "Of the eight security bulletins, two are rated critical and six important, addressing 23 vulnerabilities across Internet Explorer, .NET Framework & Silverlight, Microsoft Windows, Microsoft Forefront UAG, and Microsoft Host Integration Server," it said in a blog post (http://www.securelist.com/en/blog/208193159/Patch_Tuesday_October_2011). It added the vulnerabilities addressed by this batch of patches impact all lines of Windows, including Windows 7 x64 and Windows Server 2008 x64 Service Pack 2. Kaspersky said the security fixes include: * MS11-078, a fix for Silverlight plug-in * MS11-077, which patches bugs in the core Windows drivers that expose exploitable vulnerabilities across all the supported Windows versions from Windows XP SP3 to Windows Server 2008 x64 SP2. A separate post on computer security firm Sophos' blog noted another fix, MS11-081, addresses an issue that can allow remote code execution if a user visits a specially crafted malicious web page. "Five of the remaining six vulnerabilities are rated important, but also have a high exploitability index. Affected software includes Windows XP/2003/2008/Vista/7/2008R2, Windows Media Center and Forefront Unified Access Gateway," it added. — TJD, GMA News