Microsoft Plugs 11 Software Holes
Microsoft Corp. today pushed out software updates to plug at least 11 separate security holes in its Windows operating system and other software.
Four of the vulnerabilities earned a "critical" rating from Redmond, its most severe. Microsoft labels flaws "critical" if they can be exploited remotely with little if any help from the user.
Updates are available for most versions of Windows 2000, Windows XP, Windows Server 2003, and Microsoft Office.
Four of the flaws reside in Office, from Office 2000 all the way up to the latest -- Office 2007. Office patches also are available through Microsoft Update, unless you're an Office 2000 user, in which case you'll need to pay a visit to the Office Update site to complete this month's patch cycle. Office 2000 users also may need to have their Office installation CD handy to finish the installation.
One interesting vulnerability patched today stems from a problem with the firewall built into Windows Vista PCs. From the advisory, there is an "information disclosure vulnerability in Windows Vista that could allow a remote anonymous attacker to send inbound network traffic to the affected system. It would be possible for the attacker to gain information about the system over the network." Microsoft notes that an attacker would still need to know a valid user name and password for the targeted Vista system to access any programs or other resources on the machine.
Companies often take anywhere from a few days to a few weeks to deploy patches, allowing time to test the updates to be sure that they do not break existing software applications. But home users should not delay in applying these updates. If you've heeded my oft-uttered advice to run your system under a limited user account, you will need to log in using an administrator account to install patches.
July 10, 2007; 2:55 PM ET
Categories: Latest Warnings , New Patches , Safety Tips
Save & Share: Previous: Florida Counterfeit Credit Card Ring Busted
Next: New Threat Pits Internet Explorer Against Firefox
Posted by: annonimus | July 10, 2007 4:25 PM | Report abuse
Posted by: OhioMC | July 10, 2007 11:16 PM | Report abuse
Posted by: sc | July 11, 2007 6:57 PM | Report abuse
Posted by: Rich Gibbs | July 12, 2007 11:57 AM | Report abuse
Posted by: sc | July 12, 2007 12:38 PM | Report abuse
Posted by: TJ | July 12, 2007 12:52 PM | Report abuse
Posted by: leo | August 17, 2007 12:33 PM | Report abuse
The comments to this entry are closed.