November 2012 Microsoft Bulletin Release Includes Fix for Internet Explorer Vulnerabilities
This month, Microsoft releases six security bulletins, four of which are rated as critical. Included in this release is MS012-071 that addresses vulnerabilities in Internet Explorer. Accordingly, the said vulnerabilities could lead to remote code execution via a specially crafted website. As such, any remote attacker who exploits these can end up gaining user rights access thus compromising the security of the system.
Microsoft also addressed vulnerabilities affecting the newly-release Windows 8 and Windows RT. Windows RT is the OS running on Windows tablets. Another notable security bulletin is MS12-076 that addressed the issue of vulnerabilities in Microsoft Excel and MS12-075 that could allow remote code execution in Kernel privileges.
In other news, there were reports of a zero-day exploit targeting Adobe Reader. It is said that the exploit is being sold in the underground cybercrime and is used by the cybercriminals behind the Blackhole exploit kit. TrendLabs researchers are continually monitoring and investigating this for any developments.
Trend Micro Deep Security and Office Scan with Intrusion Defense Firewall (IDF) plugin actively protects users against possible threats leveraging these vulnerabilities. For more information on the bulletins and their IDF rules, visit the Threat Encyclopedia page.