[ISN] Microsoft To Patch Three Zero Day Vulnerabilities

From: InfoSec News <alerts_at_private>
Date: Tue, 8 Feb 2011 03:10:53 -0600 (CST)

By Mathew J. Schwartz 
February 7, 2011

Microsoft's February Patch Tuesday will see the release this week of 12 
security bulletins, patching a total of 22 vulnerabilities, including 
three that could be exploited via zero-day attacks.

According to Wolfgang Kandek, CTO of Qualys, "these vulnerabilities have 
seen limited exploits in the wild, so applying the update is highly 

One of those bugs, a CSS-related vulnerability that affects all versions 
of Internet Explorer, was disclosed in late 2010 by a Google researcher. 
By early January, security firms reported that attackers were actively 
exploiting the bug.

Microsoft will also patch a zero-day vulnerability in the Windows 
Graphics Rendering Engine. Attackers could exploit the flaw using 
malicious thumbnail images, and execute arbitrary code at the user's 
permission level.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Tue Feb 08 2011 - 01:10:53 PST

This archive was generated by hypermail 2.2.0 : Tue Feb 08 2011 - 01:18:08 PST