Page 2 of 2
Rapid7's Carey pointed out the browser fixes will likely continue at a fast pace for the foreseeable future.
"It seems that every month something happens to Explorer," he said. "It either impacts the browser itself or the browser plug-ins. It's so hard for hackers to get connected to the clients that they have to get to the browser. That's the new threat landscape. All the browsers have the same amount of heat on them. It's not just IE."
The other bulletins address problems in Windows and Microsoft Office. One, which is listed as critical, is believed by Carey to fix the remaining vulnerabilities in Microsoft XML Core Services. Another bulletin, which is rated important, affects Microsoft Office 2007 & 2010. A third bulletin, which is also rated important, affects Visio 2010.
Meanwhile, Adobe is plugging vulnerabilities in Adobe Reader and Adobe Acrobat. "These are both rated with the highest criticality, which means that administrators are being urged to patch within three days," said Kandek. "They seem to think that these vulnerabilities are easily exploitable."