All the latest UK technology news, reviews and analysis


Microsoft Patch Tuesday brings critical fixes for IE and the Remote Desktop Client

10 Apr 2013
Microsoft logo at its Redmond headquarters

This month's edition of Microsoft's Patch Tuesday brings two critical patches for Internet Explorer and the remote desktop client.

One patch covers a remote code execution issue found inside Internet Explorer versions six through 10. Another patch this month includes a bug fix for Microsoft's remote desktop client running on Windows XP to Windows 7.

"For the April patches, your first priority is MS13-028, which is a use-after-free issue in all versions of IE," said security and forensic analyst at Lumension, Paul Henry.

"This is one of the few bulletins this month that has a critical impact on the current code, hitting Windows 8, Windows RT and Windows 7 with a critical remote code execution issue."

Henry said that much of this month's patches cover legacy code. He believes that if a firm is currently running the latest software, its IT department shouldn't have a terribly difficult time making patches.

"Most of the impact is on the legacy code base, rather than the current code that has been impacted more than usual over the last few months," continued Henry.

"If your system is running the latest and greatest versions of software - as you should always do, since newest is usually the most secure - then you should be minimally impacted this month."

Another critical patch this month is MS13-029. The fix corrects a remote code execution issue found inside Microsoft's remote desktop client running on Windows XP, Windows Vista, and Windows 7.

"Attackers can exploit this vulnerability by luring victims to attacker-controlled websites hosting malicious ActiveX controls," said BeyondTrust chief technology officer Marc Maiffret.

"When viewed, the vulnerability would be exploited, granting attackers the ability to execute arbitrary code in the context of the user. Therefore, it is very important to get this patch rolled out as soon as possible."

Along with the critical patches, Microsoft also released seven important fixes. Non-critical patches for this month aim to correct issues found within software such as Sharepoint Servers 2013, Windows Defender, and Windows component CSRSS.

This month's Patch Tuesday offering comes following the announcement of three Adobe patches for April. The Adobe patches address flaws from ColdFusion, Flash and Shockwave software.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
James Dohnert
About

James is a freelance writer and editor. In addition to ClickZ, his work has appeared in publications like V3, The Commonwealth Club, CachedTech.com, and Shonen Jump magazine. He studied Journalism at Weber State University.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 10 poll

What are your first impressions of Windows 10?
13%
5%
10%
4%
21%
4%
43%

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Application Support Analyst – Investment Bank – London

Application Support Analyst – Investment Bank – London...

IT Development Manager

This is a unique and senior opportunity to establish...

IT Infrastructure Manager

Closing Date: 13/10/2014 Working within a diverse and...

IT Development Manager

This is an exciting & challenging role at a major...
To send to more than one email address, simply separate each address with a comma.