Microsoft's Patch Tuesday fixes critical vulnerabilities - Update
As expected, Microsoft has released nine bulletins to close a total of 21 holes in its products. Four of the bulletins close critical vulnerabilities in Windows, Internet Explorer, .NET and Silverlight, including an issue in the Windows kernel-mode drivers that became publicly known in December of last year.
The company advises those responsible for prioritising update deployment to focus on the critical patches for Internet Explorer and the C Runtime Library in Windows, as these could be exploited by an attacker to remotely execute arbitrary code on a victim's system. For an attack to be successful, a user must first visit a malicious web page or open a specially crafted file. The other critical bulletins fix issues in .NET and Silverlight, as well as the Windows kernel. Microsoft notes that it has yet to see any active attacks exploiting these issues in the wild.
Rated as "important", the remaining five bulletins correct a number of remote code execution and privilege escalation issues. These include a total of six vulnerabilities in SharePoint and the Ancillary Function Driver in Windows that could be used to allow elevation of privileges. Five holes in the Windows Color Control Panel, an issue in the Indeo Codec included with Windows, and five problems in Visio Viewer – part of Microsoft Office – that could be used to remotely execute code have also been closed.
An overview of all of these updates, including descriptions of each of the vulnerabilities, can be found in the Microsoft Security Bulletin Summary for February 2012.
Update: According to reports, the updates to the Microsoft Windows Malicious Software Removal Tool (MSRT) and the company's Forefront security products, which were released at the same time as Microsoft's Patch Tuesday security updates, result in a false positive malware warning on google.com. Following the updates, when visiting google.com in Internet Explorer, users receive a warning that a potential threat has been detected, specifically Exploit:JS/Blacole.BW; those using Firefox reportedly see a warning only after a search is initiated, and Chrome and Opera are said to be unaffected.