By Thomas Claburn
April 13, 2010
Microsoft on Tuesday issued its April security patch, which includes 11
bulletins addressing 25 vulnerabilities.
Five of the bulletins are rated "critical," five are rated "important,"
and one is rated "moderate."
According to Wolfgang Kandek, CTO of Qualys, two of the bulletins --
MS10-020, an SMBv2 denial of service flaw, and MS10-022, a VBScript flaw
-- close zero-day vulnerabilities.
Two weeks ago, Microsoft issued an emergency, or out-of-band, patch to
address a different zero-day flaw in Internet Explorer.
Had Microsoft not done so, April's patch would have been one of the
largest ever, with 12 bulletins and 35 vulnerabilities.
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!