Tuesday 9 April 2013
Microsoft has released two critical security updates for Windows and Internet Explorer as part of its latest round of Patch Tuesday updates.
The first critical bulletin affects versions of Internet Explorer 6 and above on Windows XP, Windows Vista, and Windows 7. It also affects Internet Explorer 10 on Windows 8 and Windows RT-based tablets.
It addresses two separate flaws, one that allows remote code execution -- such as a malware injection -- if an affected user views a specially crafted Web site. This would allow the attacker to access an infected machine at the same user rights level.
The second critical bulletin, which affects the Remote Desktop Client, could allow another such malware injection, giving the attacker the same user rights as the logged-in user.
Both patches fixing the two critical vulnerabilities require the machine to be restarted.
Also today's fixes include a bevy of patches for the Surface RT tablet.
This edition of Patch Tuesday comes at a time when Microsoft is warning that Windows XP support is coming to an end in a year's time. Beginning April 8, 2014, the software giant will no longer provide security updates for the aging 12-year-old operating system.
All patches are available through the usual update channels, including Windows and Microsoft Update.
