Microsoft silently patched three vulnerabilities last month, two of them affecting enterprise mission-critical Exchange mail servers, without calling out the bugs in the accompanying advisories, a security expert said today.Two of the three unannounced vulnerabilities, and the most serious of the trio, were packaged with MS10-024 , an update to Exchange and Windows SMTP Service that Microsoft issued April 13 and tagged as "important," its second-highest threat ranking.
I saw that a similar article had been posted by JMH, but I felt that this one was a little more in-depth and was worth a new thread. If not, feel free to combine them.
The Microsoft Vulnerability Research (MSVR) team found and reported a vulnerability in Google Chrome Frame. The result is a new version that fixes the security flaw, among other issues.
Full Story: Google Chrome Frame patches Microsoft-reported security bug