Microsoft's February Patch Tuesday Kills 21 Security Bugs‎

Microsoft yesterday issued nine security updates that patched 21 vulnerabilities in Windows, Internet Explorer (IE), Office, .Net, Silverlight and SharePoint Server, including several critical bugs that can be exploited with drive-by attacks.

The update is rated "critical" for Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9 on Windows client machines and Microsoft expects to see reliable exploit code published with the next 30 days.

The company is also urging Windows users to pay special attention to MS12-013, a critical bulletin that fixes a flaw that could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment.

"A remote code execution vulnerability exists in the way that the msvcrt DLL calculates the size of a buffer in memory, allowing data to be copied into memory that has not been properly allocated. This vulnerability could allow remote code execution if a user opens a specially crafted media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system."

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules