Microsoft has a very light patching month with only one bulletin addressing a critical vulnerability affecting Embedded OpenType (EOT) Font. This user-level, client-side vulnerability requires an attacker to trick a user into viewing a web page or open a file which contains malicious content. However, Microsoft isn’t the only one releasing patches. Both Adobe and Oracle are following suit this month.
Adobe is releasing a security update addressing critical vulnerabilities in Reader and Acrobat. These security fixes are addressing zero-day vulnerabilities that have been exploited in-the-wild since being made public on December 14, 2009.
Oracle has a quarterly critical patch update they are releasing today. This update addresses 24 vulnerabilities across multiple applications