<p>Microsoft fixes include patch for in-the-wild Office 365 token-grabbing attack that enabled silent eavesdropping.</p><p>9 Android Apps To Improve Security, Privacy(click image for larger view)</p><p>Microsoft Tuesday released fixes for critical vulnerabilities in Internet Explorer, Microsoft Office, SharePoint, and the Windows operating system, including patches for two different zero-day vulnerabilities. But it has yet to patch a zero-day vulnerability that was first spotted in late November.</p><p>The fixes came as part of Microsoft's regular patch-release cycle, which this month addressed 24 different vulnerabilities, as documented in 11 Microsoft security bulletins. Five of those bulletins were rated as "critical," meaning the flaws could be exploited remotely by attackers to take full control of a vulnerable system.</p><p><a href="http://www.informationweek.com/security/application-security/microsoft-patches-windows-office-ie-sharepoint/d/d-id/1113035">Keep reading...</a></p><p>Read also:</p><p><a href="http://www.cbronline.com/news/tech/software/malware/microsoft-patches-4-zero-day-vulnerabilities-111213-4144449">Microsoft patches 4 zero-day vulnerabilities</a> (Computer Business Review)</p><p><a href="http://www.newsroomamerica.com/story/399286.html">Microsoft Releases December 2013 Security Bulletin</a> (Newsroom America)</p><p><a href="http://threatpost.com/microsoft-patches-gdi-zero-day-experts-urge-close-look-at-important-aslr-bypass-patch/103157">Microsoft Patches GDI+ Zero Day; Experts Urge Close Look at 'Important' ASLR ...</a> (Threatpost)</p><p>Explore: <a href="http://news.google.com/news/more?ncl=dJsVqZumW0gJ3tMb_WYVhleNenblM&ned=us">251 additional articles.</a></p>