Microsoft releases three security bulletins

Another Patch Tuesday and Microsoft comes out with a variety of patches that fix vulnerabilities targeting Windows.

Security updates are available here and users are recommended to update as soon as possible. If you want more information about these security bulletins do check out the March Security Bulletin Webcast.

Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)

This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system.

Vulnerability in SChannel Could Allow Spoofing (960225)

This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means.

Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)

This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.

Microsoft has released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.