Microsoft released two security bulletins on this month's patch day. Every second Tuesday of a month is so called patch day at Microsoft where a number of security related updates are released. One of the security bulletin addressed security issues in Microsoft Windows, the other in Microsoft Office.
If you look at the maximum severity rating you notice that the Windows vulnerabilities have received a severity rating of critical, the highest possible rating. The Office bulletin on the other hand received a rating of important, the second highest rating.
Microsoft Security Bulletin MS11-035 offers detailed information about the Windows vulnerability. It affects only Windows Server products, from Windows Server 2003 to Windows Server 2008 R2. Not affected are all client operating systems of Microsoft.
If you look at Microsoft Security Bulletin MS11-036 you notice that Office XP, 2003 and 2007 are affected on Windows. Furthermore affected are Microsoft Office 2004 and 2008 for Mac, the Open XML File Format Converter for Mac and the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2.
Why is not Office 2010 affected by the vulnerability? Because Office File Validation mitigates the risk of the vulnerability.
Additional information on both vulnerabilities are available at the MSRC Technet Blog.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.