Microsft Patch Released Brings 26 Fixes
Wednesday 13 August 2008 9:29 AM
Microsoft has today issued a hefty eleven bulletins addressing 26 vulnerabilities in its August security release.The monthly security update includes six bulletins which address issues rated "critical," the highest of Microsoft's security alert levels. Four of the critical bulletins addressed vulnerabilities in Office. Those patches included fixes for an ActiveX control in Office 2003 and older, flaws in Office filters, Powerpoint and Excel. All four could be used by an attacker to remotely execute code. The company also fixed remote code vulnerabilities in the Image Color Management software for Windows 2000, XP and Server 2003. The remaining critical bulletin was an update to a previous patch for Internet Explorer 6 and 7. The five remaining vulnerabilities were all rated as 'important.' Those included fixes for remote code flaws Word and information disclosure risks in Outlook and Windows Messenger. Also fixed was an information disclosure flaw in the IPSec software for Windows Vista and Server as well as a remote code execution vulnerability in the Windows Event System component for all versions of the operating system. McAfee researcher Karthik Raman said that the update was a "mammoth" release, noting that Microsoft has not patched so many vulnerabilities with a single update in some two years. "We have not seen anything of this scale in a long time," he said. "Many of the vulnerabilities addressed by the fixes could be exploited if a Windows user simply views a malformed image or visits a malicious Web site, a favorite attack method among cybercriminals." To Recieve the latest updates visit the Microsoft Update site. IT Services strongly recommends keeping all desktop clients up to date.
Also See
|