Microsoft Patch Package Includes Critical Word Fix 12-13-2012, 03:08 AM
#1
Quote:Today's package of patches from Microsoft includes a rare critical patch for Microsoft Word. Traditionally, Microsoft rates Word vulnerabilities as important as users are usually expected to open a file manually, so whatever the vulnerability, manual intervention is required. In the case of MS12-079 though, all the user needs to do is preview a specially crafted RTF email in Outlook for whatever malware resides within to be run with the same privileges as the logged in user. It is possible to configure Outlook not to preview email as RTF, but as plain text. This does reduce functionality though and it will be easier to install the patch.
All versions of Windows, from XP SP3 to Windows 8 and Windows RT are affected by MS12-078. This critical hole involves a vulnerability in kernel mode drivers which can be exposed by displaying a document or web page with embedded specially crafted TrueType or OpenType fonts which can lead to remote code execution. Only Server 2008 has a lower rating where the flaw is reduced to an elevation of privilege.
I only recently heard about the vulnerability, but I guess they are fixing it already. Be sure to read the rest of the article.
Source: The H
![[Image: fSEZXPs.png]](https://i.imgur.com/fSEZXPs.png)
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)
![[Image: JJR.jpg]](https://dl.dropboxusercontent.com/u/18819048/JJR.jpg)
