March's Microsoft Patch Tuesday Fixes 6 Vulnerabilities
Microsoft's Patch Tuesday security update is a light one this month, addressing six vulnerabilities, only one of which is labeled critical.
Detailed on the Microsoft TechNet blog, four of the bulletins the software giant will release tomorrow (March 13) tackle flaws in Windows, including a critical patch for a bug that could allow an attacker to remotely execute malicious code on a target system.
The critical vulnerability affects Windows 7, Windows Vista, Windows XP Service Pack 3 and Windows Server 2008 and 2003.
"This means the critical bulletin will affect all organizations and consumers," Marcus Carey, security researcher at the Boston-based vulnerability management firm Rapid7, told SecurityNewsDaily in an email.
Two more patches included in Microsoft's monthly security roundup fix vulnerabilities that could allow a denial-of-service exploit and elevated privileges on Windows. The other two bugs Microsoft is patching are in Visual Studio and Expression Design.
Microsoft's patch release comes just days after the French security research firm Vupen successfully hacked Internet Explorer 9 during the annual Pwn2Own hacking contest at the CanSecWest security conference in Vancouver.