Microsoft Patch Day

Today is Microsoft patch day, and there are three patches as expected. Though all the patches are critical, the two to roll out immediately are related to Microsoft Office. The program already has been actively exploited, and is vulnerable to remote attacks if a Rich Text Format (RTF) file is opened.

There also is a patch for the forefront unified access gateway. This particular vulnerability affects administration interface for the Microsoft security solution. The patch helps protect against a few different cross-site scripting flaws. They of course could be used to take control of this particular admin interface, so if you do run forefront, definitely patch it. The install base for the unified access gateway should be smaller than it is for the Office products.