Microsoft to tackle under-attack Office bug next week
It plans to patch 23 vulnerabilities, including 19 in a critical update for all versions of Internet Explorer
By Gregg Keizer
June 6, 2013 04:11 PM ET
Computerworld - Microsoft today said it will ship just five security updates next week, the fewest in any month so far this year, to patch 23 vulnerabilities in Internet Explorer (IE), Windows and Office.
The update for Office will address a bug that is now being exploited by hackers, a researcher claimed. "There have been limited attacks using this vulnerability in the wild," said Paul Henry, a security and forensic analyst at Scottsdale, Ariz.-based Lumension, in an email. "Although it's not considered to be publicly known, it is being actively exploited to some extent." The exploits have been distributed in malicious files sent to potential victims via email, Henry added.