Microsoft issued two bulletins stating that it is fixing three vulnerabilities in Windows, including a critical one for Windows XP, Vista and Windows 7 as part of Patch Tuesday, a day on which the company releases security patches every month.
The US software maker addressed the critical vulnerability in Bulletin MS11-002 where it fixed the critical hole and an important vulnerability in Microsoft Data Access Components that could allow an attacker the access to the computer if a user merely viewed a malicious web page.
The second bulletin MS11-001 resolves a vulnerability that could allow remote code execution if a user opens a legitimate Windows Backup Manager file that is located in the same network directory as a malicious library file.
The user would have to visit an untrusted remote file system or WebDAV (Web-based Distributed Authoring and Versioning) share for the attack to be successful.
Meanwhile, Microsoft revised Security Advisory 2488013 related to Cascading Style Sheets (CSS) for a vulnerability that affects its browser Internet Explorer.