Internet Explorer was credited this month with two critical flaws. One of them involved remote execution of code in the browser, while the other was found withing the ActiveX plugin needed to connect Internet Explorer to Yahoo’s Music Jukebox service.
The star in the Windows department was a privilege elevation flaw, found in five version of the OS: Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
In addition, this April pack includes fixes for a remote code execution flaw in the VBSript/Jscript component, a remote code execution vulnerability in the handling of EMF and WMF image files and, last but not least, a DNS spoofing flaw.
Microsoft Office received a fix for a remote code execution vulnerability found in the way the software handles the Project files, plus a couple of flaws in its Visio component.