Microsoft Tuesday patched eight vulnerabilities, all rated critical, in four security updates for Windows, Office, Windows Media Player, Internet Explorer 6, SQL Server and other programs.
Unlike last month, when Microsoft issued 12 bulletins that fixed 26 flaws, today's patched vulnerabilities did not include any that have already been exploited in the wild.
"It doesn't look too bad today," said Andrew Storms, director of security operations at security vendor nCircle Network Security, comparing the count to August's. "Although anything running Windows will have to be updated with MS08-052."
That bulletin, highlighted by Storms and other experts as the one most crucial to patch immediately, fixes a total of five vulnerabilities in the GDI+ component of Windows. GDI+ (Graphics Device Interface) debuted in Windows XP, and is a core part of Windows Vista and the current server-side operating systems, Windows Server 2003 and Windows Server 2008.
"It's one of the foundations for graphic display in Windows," said Storms. "Anyone running XP or newer -- and who isn't these days -- will have to update."
Read more @ Computer world