El Reg reports
Microsoft has patched 25 software vulnerabilities--including bugs that allow hackers to hijack PCs via Internet Explorer, Word and Excel files, and Visual Basic scripts.
Microsoft said its December's edition of Patch Tuesday includes critical fixes for Windows, Office and Internet Explorer as well as a patch for Exchange.
MS14-80: Addresses 14 security flaws in Internet Explorer, including various remote-code execution vulnerabilities and an ASLR bypass. The patch is considered a low risk for Windows Server systems, but critical for desktops, laptops and tablets. All the flaws were privately reported, and credit was given to various independent researchers as well as the HP Zero Day Initiative, Qihoo 360 and VeriSign iDefense Labs.
MS14-81: Two vulnerabilities in Word and Office Web Apps that allow an attacker to remotely execute code on targeted systems if the victims open booby-trapped documents. This update also applies to users running Office for Mac. Credit was given to Google Project Zero researcher Ben Hawkes, who privately reported the flaws to Microsoft. Rated as Critical.
MS14-84: A remote-code execution vulnerability (CVE-2014-6363) in the Windows VBScript engine can be exploited via a specially crafted webpage. Credit for discovery was given to SkyLined and VeriSign iDefense Labs. Rated as Critical.
The article also mentions Adobe software and Linux. Are any Soylentils running that combination?
(Score: 4, Informative) by dlb on Thursday December 11 2014, @11:20PM
Heads up if you use Virtualbox: https://forums.virtualbox.org/viewtopic.php?f=6&t=64777&start=60 [virtualbox.org]
(Score: 0) by Anonymous Coward on Thursday December 11 2014, @11:58PM
Which part of "Microsoft product" did you not understand?
(Score: 0) by Anonymous Coward on Friday December 12 2014, @01:43AM
The virtualbox dudes have really screwed the pooch here. They have basically been broken with respect to this sort of thing for the past 6 months. They have decided a whitelist is the way to go with respect to dlls. I have been stuck on .12 because of this junk. Borderline considering going to go buy me a copy of vmware. They are also shutting down anyone who wants to talk about it other than 'its broken and here is my long'.
(Score: -1, Flamebait) by Anonymous Coward on Friday December 12 2014, @06:24AM
Hairyfeet: "Its not Microsoft, they can do no wrong. VirtualBox is a poorly written software, that or the User has no l33t skillz"