Microsoft on Tuesday released three security bulletins and fixed eight security vulnerabilities as part of its regularly timed monthly security fix schedule. One of the bulletins, for Windows, covers three separate fixes and was rated critical, the software giant's most serious rating, while the other two were rated Important.
The three bulletins issued Tuesday include:
MS09-006 (Critical) - Resolves three newly discovered and previously unreported Windows vulnerabilities that could allow maliciously created EMF or WMF image files that could allow remote code execution.
MS09-07 (Important) - Resolves one newly discovered and previously unreported Windows vulnerability that could allow a hacker to spoof the system if they first gain access to the certificate used by the end user to authenticate on the PC.
MS09-10 (Important) - Resolves four Windows vulnerabilities, two of which were previously publicly disclosed and two which were previously unreported. A successful exploit could allow a hacker to redirect Internet traffic from the PC to the hacker's own systems.
As always, Microsoft recommends that customers enable Automatic Updates to ensure that their systems are brought up to date automatically. If you're interested in more information about these vulnerabilities, please refer to the Microsoft Security Web site.