Microsoft has rolled out eight security bulletins to fix two
dozen vulnerabilities as part of its October edition of Patch Tuesday. The software giant has also issued update addressing the "SandWorm" bug reportedly being exploited by Russian hackers to spy on NATO and the Ukrainian government.
CNET reports that the updates address vulnerabilities found in all
currently supported versions of Windows, Internet Explorer, Office and
the .Net framework. Three of the bulletins are rated critical, meaning
Microsoft recommends systems administrators apply the patches
immediately. A report said that Russian hackers targeted the
Ukrainian government around the time of the recent NATO summit in Wales,
where discussions on Russia's alliance with separatist rebels in eastern Ukraine were of prime focus.
iSight Senior Director Stephen Ward said that the vulnerability
appeared in every version of Windows from Vista to 8.1, barring Windows
XP. Security researcher FireEye said that Microsoft identified two
of three so-called zero-day bugs -- flaws that are being actively
exploited in the wild by hackers -- being used as "part of limited,
targeted attacks against some major corporations," the report added.