After a busy February with 13 security bulletins, Microsoft is easing off the patching throttle a bit this month. 

Microsoft released two new security bulletins addressing 8 vulnerabilities, all not publically known at this time. 

A zero-day (unpatched) vulnerability in Microsoft’s Internet Explorer is being exploited in the wild, the company warned in an advisory issued today.

On the same day it issued software fixes as part of its Patch Tuesday schedule, Microsoft released a pre-patch advisory to warn of the risk of remote code execution attacks against users of IE 6 and IE 7.

Apache's HTTP web server has a flaw that enables remote server access and total control of a database, according to a security researcher. Read the full article. [ZDNet Australia]

A security vulnerability identified in Opera can be exploited to crash users' browsers, but probably can't lead to the remote execution of malware, a company spokesman said. Read the full article. [The Register]

Cisco has released a number of reports on vulnerabilities in its products. It is possible to disrupt the transfer of voice data in the Unified Communications Manager using crafted SIP, SCCP and CTI packets. Read the full article. [The H Security]

A now available second maintenance release for PHP 5.3 fixes more than 60 bugs and closes several security holes which were already corrected in version 5.2.13, from the 5.2 branch, last week. Read the full article. [The H Security]

The average Microsoft Windows user has software from 22 vendors on her PC, and needs to install a new security update roughly every five days in order to use these programs safely, according to an insightful new study released this week. Read the full article. [KrebsonSecurity]

Microsoft has announced plans to ship two security bulletins next week to fix a total of eight vulnerabilities affecting Windows and Office products.

Both bulletins are rated "important" because of the risk compromising the confidentiality, integrity or availability of user data.

Microsoft today said it had restarted distribution of a security update that had crippled some Windows PCs last month with reboot problems and Blue Screen of Death error screens. Read the full article. [Computerworld]

A prominent security researcher has released an exploit that uses a new technique to defeat ALSR + DEP on Microsoft's Windows operating system.

The exploit, released by Google security researcher "SkyLined," uses the ret-into-libc technique to bypass DEP (Data Execution Prevention) and launch code execution attacks on x86 platforms.