One of the critical patches fixes a set of two vulnerabilities within all versions of Internet Explorer including IE 10, that are made more severe if users have administrative rights on the system. The other critical patch plugs a privately reported vulnerability in Windows Remote Desktop Client that affects many versions of Windows excluding Win 8, Server 2012, and Windows RT.
As expected, the other seven patches deal with less concerning or severe bugs, though two of these – "Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilige (MS13-034)," and "Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilige (MS13-036)" – merit a "1" on Redmond's exploitability index, making "exploit code likely."
Nine bugs plugged on Patch Tuesday
Posted on Wednesday, April 10 2013 @ 10:26 CEST by Thomas De Maesschalck