Microsoft released six security bulletins to fix 15 vulnerabilities for this month’s patch Tuesday. Three of these security advisories (MSO9-063, MS09-064, MS09-65) are marked as “critical” and the other three as “important.”

MS09-067 deals with 8 security holes plaguing Microsoft Excel that when successfully exploited could allow remote code execution when users open a specially crafted excel file. Users are then strongly advised to update their systems as soon as possible as these vulnerabilities (especially those rated as critical) can be used by cybercriminals to execute worms and drive-by download malware attacks.

Apart from Microsoft, Adobe also addressed a vulnerability found in Adobe Photoshop Elements versions 8.0 and 7.0. The said vulnerability could allow cybercriminals to execute commands to the affected system. Though no solution has been provided yet, Adobe issued recommended a workaround that users must apply in order to not be affected by the vulnerability.

Apple also joined the patch bandwagon as it released its own set of patches to address 58 vulnerabilities affecting Mac OSX. When exploited, some of these security holes could give full access to a malicious user. The fixes deal with issues in opening downloaded file in the Internet and problem in admin user authentication to name a few.

Everyone is vulnerable to threats lurking in the Web today. With that in mind, users are encouraged to apply these patches immediately.

Post from: TrendLabs | Malware Blog - by Trend Micro

November Patch Tuesday Addresses 15 Vulnerabilities