If you use Microsoft Windows, it’s time again to get patched: Microsoft today issued nine updates to fix at least 21 security holes in its products. Separately, Adobe released a critical update that addresses nine vulnerabilities in its Shockwave Player software.
Four of the patches earned Microsoft’s most dire “critical” rating, meaning that miscreants and malware can leverage the flaws to hijack vulnerable systems remotely without any help from the user. At least four of the vulnerabilities were publicly disclosed prior to the release of these patches.
The critical patches repair faulty components that can lead to browse-and-get-owned scenarios; among those is a fix for a vulnerability in Microsoft Silverlight, a browser plugin that is required by a number of popular sites — including Netflix — and can affect multiple browsers and even Mac systems. Microsoft believes that attackers are likely to quickly devise reliable exploits to attack at least a dozen of the 21 flaws it is fixing with this month’s release.