Four vulnerabilities in Windows and Office have been patched by three security updates that were shipped by Microsoft recently. Patches for Internet Explorer (IE) that would increase the browser's chances of surviving Pwn2Own were not released by Microsoft. The patches released will offer an easy ride for customers, according to the company. Jerry Bryant, a group manager with the Microsoft Security Response Center (MSRC), stated that it would be a light month. During odd-numbered months, Microsoft has developed a practice of shipping fewer patches. Although it had released 22 patches last month, it has released only 3 patches in January.
While 2 of the 3 patches were labeled ‘important’, the second-most dire warning, the 3rd bulletin was labeled ‘critical’, which is the company’s top-level threat ranking. Vulnerabilities in the Windows Media Center and Windows Media Player components that are present in all versions of Windows were patched by the updates released. Bryant believes that it is a browse-and-own vulnerability. Andrew Storms, director of security operations at nCircle Security, states that it is a drive-by bug. Until patched, all client editions of Windows, such as Windows XP, Vista and Windows 7, are vulnerable.
Angela Gunn, a senior communications manager with MSRC, says that the only exception is Windows XP Home Edition, which does not include the flawed codec. Vulnerabilities in MS11-015, MS11-016 and MS11-017 are classified as "DLL load hijacking" flaws. Significant DLL load hijacking issues in Windows were disclosed by researchers. Last November, Microsoft began patching DLL load hijacking bugs. Bryant revealed that it is an ongoing investigation for Microsoft. They are going through the rest of their product base after identifying all the vulnerabilities they could in IE. Microsoft might continue to roll out DLL load hijacking fixes for some time, according to Storms. He believes that these issues are comparatively new. Users could make it much more difficult for attackers to exploit any DLL load hijacking bug by disabling the WebDAV client service, according to HD Moore, Chief Security Officer at Rapid7 and the creator of the popular Metasploit open-source hacking toolkit. Last year, Moore was one of the few to report the new class of DLL load hijacking vulnerabilities.
But, as expected, Microsoft did not patch IE before the Pwn2Own hacking contest that kicks off soon. Security researchers are pitted against each other to take down browsers like IE, Apple’s Safari, Google’s Chrome and Mozilla’s Firefox. A $15,000 prize is offered to anyone who takes down IE, Safari or Firefox, and $20,000 is offered to the researcher who takes down Chrome. Bryant states that they don’t believe in disrupting their customers just because of the contest. Recently, Google and Mozilla have patched their browsers, and Apple is also likely to patch Safari just in time before Pwn2Own. Microsoft’s security updates can be downloaded and installed through Windows Server Update Services (WSUS), Microsoft Update and Windows Update.



Copyright Techfuels