Microsoft Corp. issued one of its biggest security fixes on Tuesday, including a repair to its widely used Excel spreadsheet for flaws that could allow hackers to take control of a user’s PC.
Adobe Systems Inc. separately said that it would issue an update to its Flash Player Thursday to address a vulnerability in the current version that hackers were exploiting to secretly gain remote access to computers.
Adobe’s security engineers spent the weekend investigating the vulnerability, to figure out how to address the problem, then incorporated the fix into the latest update for the company’s Flash software, said Brad Arkin, senior director of product security and privacy for Adobe.
Meanwhile, Microsoft released 10 patches to address 34 flaws it identified across its Office, Windows, Internet Explorer and other products.
It said three of the patches were high priority and should be deployed immediately to protect users from criminal attacks. The patches — which update software to write over glitches — are designed to protect users from hackers.
Fourteen of the vulnerabilities identified were in Microsoft Excel, eight were related to the Windows operating system and Internet Explorer. The total of 34 matched a record set in October 2009.
The flaws in Excel allowed hackers to create tainted spreadsheets that infect a user’s PC once they are opened, allowing a hacker to remotely take control of that machine, according to Joris Evers, a spokesman for security software maker McAfee Inc.
Patching PCs can be a time-consuming process for corporate users, which need to test the patches before they deploy them to make sure they do not cause machines to crash because of compatibility issues with existing software.