The patches, updates and fixes keep on coming like clockwork. After detailing the Patch Tuesday fixes for April last week, Microsoft has now made them available for download.
A total of nine different bulletins were part of its latest monthly update cycle, aiming to fix vulnerabilities found in a number of Microsoft software — including Windows, Internet Explorer.
Two of the bulletins are rated as Critical, while the other seven carry the label of Important. The Critical ones concern the security flaws in Internet Explorer along with Windows Remote Desktop Client.
The IE users among you will be interest the most in the MS13-028 security update that is released to address two different bugs in Microsoft’s browser that could potentially allow an attacker to gain the same rights as the logged in user — with the help of a malicious website, of course.
The very definition of evil!
The Windows Remote Desktop Client patch, labeled MS13-029 fixes a flaw that could allow remote code execution if an attacker convinces a customer to view a website containing specially crafted content that exploits it.
The very definition of malicious!
Luckily though, both cases were privately disclosed and no attacks have been reported — hopefully there never will be. But for that to happen, Microsoft recommends users to prioritize the deployment of the two Critical updates as soon as possible.
As is usually the case, all patches are delivered to Windows XP, Vista, 7, 8 and RT installations using the integrated Windows Update feature of the respective operating system. So if you have computers powered by these particular OSes, then make sure you do.