Microsoft to Release Seven Patches, and Maybe one for Safari
Please support our Software Development advertiser: Programming Forums
Jun 5th, 2008, 11:19 pm
Microsoft today gave advance notice of a security bulletin it will release on Tuesday to repair seven vulnerabilities in Windows and Internet Explorer, three of them critical.
The three critical warnings involve potential remote code execution, and affect Bluetooth, DirectX and IE. According to reports, the latter patch might also include fixes for the so-called “Carpet Bomb” threat to Apple’s Safari browser made known recently by Nitesh Dhanjani. Microsoft last week issued a separate security warning about the “blended threat” to Safari on Windows XP and Vista as well as Internet Explorer versions 6 and 7, which only affects those who have not changed IE’s default download location.
Of the latest threats, three are classified as important, and involve WINS and elevation of privileges, and denial of services of Active Directory and Microsoft’s PGM multicast protocol. One threat classified as moderate involved remote code execution and Kill Bit, the company’s ActiveX function control designed to stop such attacks. The threats apply variably to components of Windows 2000, XP, Server 2003, Vista and Server 2008. The bulletin contains full details of which operating systems require which patches.
To further explain the threats and field questions about the bulletin, Microsoft will host a Webcast on Wednesday, June 11, at 11:00 am Pacific time. The company also will release an update to its Windows Malicious Software Removal Tool, though it did not specify a date. The tool will be available through Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center Websites.
The three critical warnings involve potential remote code execution, and affect Bluetooth, DirectX and IE. According to reports, the latter patch might also include fixes for the so-called “Carpet Bomb” threat to Apple’s Safari browser made known recently by Nitesh Dhanjani. Microsoft last week issued a separate security warning about the “blended threat” to Safari on Windows XP and Vista as well as Internet Explorer versions 6 and 7, which only affects those who have not changed IE’s default download location.
Of the latest threats, three are classified as important, and involve WINS and elevation of privileges, and denial of services of Active Directory and Microsoft’s PGM multicast protocol. One threat classified as moderate involved remote code execution and Kill Bit, the company’s ActiveX function control designed to stop such attacks. The threats apply variably to components of Windows 2000, XP, Server 2003, Vista and Server 2008. The bulletin contains full details of which operating systems require which patches.
To further explain the threats and field questions about the bulletin, Microsoft will host a Webcast on Wednesday, June 11, at 11:00 am Pacific time. The company also will release an update to its Windows Malicious Software Removal Tool, though it did not specify a date. The tool will be available through Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center Websites.
•
•
•
•
This blog entry was written by Edward J Correia, staff writer aka EddieC. It has been filed under the Software Development category. It has received 1,094 views, 0 comment(s), and 13 linkbacks. It was promoted to featured news status Jun 5th, 2008.
Related Blog Entries
- Hotz does it again, iPhone 3GS is jailbroken!!! (14 Hours Ago)
- Fix Outlook? Fix your emails! (9 Days Ago)
- Xenon: An Inspired Linux Project (20 Days Ago)
- You don't have to be easily offended to be an iPhone app approver, but it helps (31 Days Ago)
- iPhone Market Share Faces Critical Test (31 Days Ago)
Related Forum Threads
- Cannot find server or DNS Error - please help! (Viruses, Spyware and other Nasties)
- Fake Microsoft Windows Security Warning (Viruses, Spyware and other Nasties)
- Microsoft Windows Security Warning (Viruses, Spyware and other Nasties)
- Fake "Microsoft Windows Security Warning" & Browser Hijacks (Viruses, Spyware and other Nasties)
- IE shuts down automatically- ever since I downloaded Windows XP Security Patch (Viruses, Spyware and other Nasties)
- IE shuts down automatically- ever since I downloaded Windows Security Patch a month a (Web Browsers)
- New Worm Infects Without Attachment (IT Professionals' Lounge)