Microsoft to fix critical Word vulnerability on Tuesday
Microsoft has announced that it will release seven security bulletins in next week's Patch Tuesday. These bulletins, one of which is rated critical by the company, fix 20 different security vulnerabilities across its Windows, Office, SQL Server and Lync products.
The critical vulnerability affects the Word application within Microsoft Office 2003, 2007 and 2010 and can be exploited for remote code execution attacks. The remaining bulletins are rated important and present possibilities for privilege escalation, denial of service and remote code execution attacks.
A vulnerability in Microsoft's FAST Search Server affects its Exchange products and is related to problems with files parsed by the third party Oracle Outside In libraries. Bugs of a similar nature were fixed as part of Microsoft's August Patch Tuesday.