Archive for the 'Patch Tuesday' Category
04 14th, 2009
The PC Doctor wrote an intriguing post today on
Here’s a little taster
Eight patches from Microsoft today:
Critical:
Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
This security update resolves two publicly disclosed vulnerabilities and two privately reported vulnerabilities in Microsoft WordPad and Microsoft Office text converters. The vulnerabilities could allow remote code execution if a specially crafted file is opened in WordPad or Microsoft Office Word. Do not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources using affected versions of WordPad or Microsoft Office Word.
Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
This security update resolves one publicly disclosed vulnerability and two privately reported vulnerabilities in Microsoft Windows HTTP Services (WinHTTP). The most severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. […]
Read the rest of this post here
03 10th, 2009
The PC Doctor wrote an intriguing post today on
Here’s a little taster
Here are the updates Microsoft has released today:
Critical:
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system.
Important:
Vulnerability in SChannel Could Allow Spoofing (960225)
This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. Customers are only affected when the public key component of the certificate used for authentication has been obtained by the attacker through other means.
Vulnerabilities in DNS and WINS Server Could Allow Spoofing (962238)This security update resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS server. These vulnerabilities […]
Read the rest of this post here
02 12th, 2009
The PC Doctor wrote an intriguing post today on
Here’s a little taster
Some important patches from Microsoft for this month.
Critical:
Cumulative Security Update for Internet Explorer (961260)This security update resolves two privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker […]
Read the rest of this post here