Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Microsoft Patches 26 Flaws In a Single Day

In an interview, Alfred Huger, senior director of engineering at Cupertino, California-based Symantec Corp, informed that at least two of the vulnerabilities, one each for PowerPoint and Excel, were already exploited. So the program users must immediately enhance their security so as not to fall victim to hackers.


Later in the day, Gehere updated his blog to say that the problem had been fixed.

Microsoft's security web site provides the patches, which users can download for free. But as always, the method of setting computers to automatically download these types of fixes was not working on Tuesday. Microsoft said the problem was not with the security patches but with the system of automatic update itself.

According to Microsoft's Craig Gehere in a blog posting, the problem came up due to some network issues on the 'Microsoft Update base'. The security updates were not yet available to users of 'Microsoft Update', 'Automatic Updates', 'Windows Server Update Services (WSUS)' and 'Windows Update Version 6'. However, later that day, Gehere updated the blog to inform that the issue had been resolved. Some of the patches can be applied to Windows Vista as well and two to Office on the 'Apple Mac'. Although Apple patches are very important they are not critical. Four most critical updates are for the Office suite. All of the main Office products - Word, Excel and PowerPoint have serious flaws that could transfer entire control of the computer to an attacker on exploitation. One single update is capable to affect the complete Office suite.

Important updates were issued for previous flaw in WebViewFolderIcon control that is used in Windows Shell. For this, exploits have been since many weeks and for Windows XML parser.
The list of flaws would have been even longer had Microsoft not released an out-of-cycle patch for a popular 'zero-day' attack on VML (Vector Markup Language) applied for graphics in Internet Explorer.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 10/16/2006

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next