Microsoft rolls out Windows, IE, Office update to fix two dozen vulnerabilities

Microsoft has rolled out eight security bulletins to fix two dozen vulnerabilities as part of its October edition of Patch Tuesday. The software giant has also issued update addressing the "SandWorm" bug reportedly being exploited by Russian hackers to spy on NATO and the Ukrainian government.

CNET reports that the updates address vulnerabilities found in all currently supported versions of Windows, Internet Explorer, Office and the .Net framework. Three of the bulletins are rated critical, meaning Microsoft recommends systems administrators apply the patches immediately. A report said that Russian hackers targeted the Ukrainian government around the time of the recent NATO summit in Wales, where discussions on Russia's alliance with separatist rebels in eastern Ukraine were of prime focus.

iSight Senior Director Stephen Ward said that the vulnerability appeared in every version of Windows from Vista to 8.1, barring Windows XP. Security researcher FireEye said that Microsoft identified two of three so-called zero-day bugs -- flaws that are being actively exploited in the wild by hackers -- being used as "part of limited, targeted attacks against some major corporations," the report added.