June 9, 2010

Microsoft, Adobe Announce Security Patches

On Tuesday, Microsoft Corp. issued one of its biggest security fixes that includes a repair to its widely used Excel spreadsheet for flaws that could allow hackers to take control of a user's PC.

Adobe Systems Inc. said separately that it would issue an update for its Flash Player 9 to address a vulnerability in the current version that allows hackers to secretly gain remote access to computers.

Brad Arkin, senior director of product security and privacy for Adobe, told Reuters that Adobe's security engineers spent the weekend investigating the vulnerability, to figure out how to address the problem, then incorporate the fix into the latest update for the company's Flash software.

Microsoft released 10 patches to address 34 flaws it identified across its Office, Windows, Internet Explorer and other products.

According to Microsoft, three of the patches were high priority and should be deployed immediately to protect users from criminal attacks.  The patches are designed to protect users from hackers.

Of the 14 vulnerabilities identified in Microsoft Excel, eight were related to the Windows operating system and Internet Explorer.  The total of 34 matched a record set in October 2009.

According to Joris Evers, a spokesman for security software maker McAfee Inc. the flaws in Excel allowed hackers to create tainted spreadsheets that infects a user's PC once they are opened.  This allows a hacker to remotely take control of that computer.

Patching PC's can be a time-consuming process for corporate users, which need to test the patches before they deploy them to make sure they do not cause machines to crash because of compatibility issues with existing software.


On the Net: