Windows maker Microsoft Corp. released on Tuesday 5 security bulletins, thus patching 15 vulnerabilities in the Microsoft Windows, Microsoft Office, Windows Server, as well as in Sharepoint.
Microsoft cited all these vulnerabilities as important, but not critical as they can be exploited only when there is some kind of user interaction.
According to Wolfgang Kandek, the chief technology officer of Qualys, amongst all the vulnerabilities patched, an arbitrary code execution in MS Excel was perhaps the most important one.
"It affects all versions of Excel including the most recent 2010 version. To exploit this issue, attackers could create malicious Excel files, which, when opened on vulnerable hosts, can take control of the system," Kandek wrote in a blog post.
“A DLL preloading issue was fixed in MS11-071 which affects the deskpan.dll component and affects all versions of Windows,” the CTO added.
Meanwhile, multimedia software maker Adobe also released on the same day its own security updates in order to fix some critical security issues. Some of these vulnerabilities could be exploited by hackers to access files in Adobe Reader and Adobe Acrobat, without even letting the user know what’s going on under his nose.