Microsoft patches tackle software issues
By Ashley Curtis
11/05/2011
Microsoft has released two patches as part of its monthly Patch Tuesday cycle, The Register reported.
Out of the two updates, one has been rated 'critical' and the other 'important'.
The critical update (MS11-035) affects the WINS component of Windows 2003 and 2008 server operating systems. The important update (MS11-036) affects older versions of Microsoft Office PowerPoint.
Left unpatched, the flaw fixed by the important update creates a means to plant malware in specially malformed PowerPoint files; making the vulnerability particularly useful in targeted attacks. Users of Office XP, 2003, 2007 and 2004 for Mac are all potentially at risk from the vulnerability.
It is hoped that many firms already have security software like IT management systems that include anti-virus, anti-malware and firewalls that would detect a digital attack.
However, those without appropriate security measures, companies could be at risk of an attack from hackers who could use these exploits to extract personal information.
Andrew Storms, a security expert, told Computer World he is not surprised that the software giant has rushed to fix the PowerPoint exploit: "I'm not surprised that it's PowerPoint, that it's probably a file format vulnerability."
"We shouldn't be surprised that more PowerPoint bugs are appearing as attackers shift their focus away from World and Excel to PowerPoint."
