MS lines up six critical fixes for Tuesday
Print storyPatches stick to the usual suspects
Posted in Security, 5th December 2008 23:39 GMT
Free whitepaper – Securing your online data transfer with SSL
Microsoft is preparing eight patches - six of which cover critical vulnerabilities - for next Tuesday as part the last edition this year of its monthly Patch Tuesday update cycle.
The critical updates cover separate vulnerabilities involving Word and Excel as well a duo of vulnerabilities involving various flavours of Windows and a cumulative patch for Internet Explorer. A critical update for Visual Basic completes the sextet.
One of the two critical Windows updates is applicable only to Vista and Windows 2008. There's speculation that the other - a fix for Win 200 and XP - involves a bug known about since April and actively exploited since late October.
The less serious "important" updates covers bugs in windows Media Player, involving remote code execution (so why isn't it called critical?), and a separate flaw in Microsoft's SharePoint server software.
As usual, details have been withheld pending the release of the updates on 9 December. Microsoft pre-alert advisory can be found here.
Free whitepaper – Vulnerability management buyer's checklist
The future of SaaS and IT infrastructure management
The mandate for application security
Extended Validation SSL Certificates
Avoiding 7 common mistakes of IT security compliance
The best practices guide for application security
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive