(LiveHacking.Com) – As expected Microsoft has released seven bulletins, five to address Critical vulnerabilities and and two for Important vulnerabilities In total the bulletins address 12 vulnerabilities a variety of products including Microsoft Windows, Internet Explorer (IE), Word and Windows Server.
According to Microsoft the two most important bulletins are MS12-077 – a cumulative security update for Internet Explorer and MS12-079 - a patch to fix a vulnerability in Microsoft Word that could allow remote code execution.
The IE update resolves three privately reported vulnerabilities, the most severe of which could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. The patch for Word resolves a privately reported vulnerability that could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Office software, or previews or opens a specially crafted RTF email message in Outlook while using Microsoft Word as the email viewer.
The other Critical vulnerabilities are MS12-078 - which fixes vulnerabilities in Windows kernel-mode drivers, MS12-080 - which addresses vulnerabilities in Microsoft Exchange Server and MS12-081 - which resolves a vulnerability in Windows file handling component. All of these three could allow remote code execution if exploited.