Microsoft security roundup



OK – there have been a number of Excel problems floating around in the last week – week and a half. Securiteam blog has a FAQ on the Excel 0-day vulnerabilities with Excel and Excel Viewer Incidents.org kindly gives us a scoresheet documenting the three different vulnerabilities that have been recently exploited. I have not thoroughly read details, but suspect that avoiding opening unexpected xls attachments would likely be a GOOD preventative measure. If you take the attitude… “oh junk mail…. ooo attachment – wonder whats in there – let’s see…” then you’re likely already stuck by a few viruses.

The other bit of Microsoft security news is the update to the MS06-025 patch from last week (week before I believe.) It turns out the original patch broke (caused problems with) dialup. Given that there’s an updated update – be sure to patch because the underlying vulnerability IS being actively exploited. (Are we up to 3 patches in this year that have caused other issues and had to be re-released? I wonder if that indicates a shift in Microsoft’s patch cycle testing?)

Related Posts

Blog Traffic Exchange Related Posts
  • Apple Quicktime and OS X updates to patch multiple security vulnerabilities Apple has released Quicktime v. 7.1 for both Windows and OS X to address about 12 vulnerabilities. It looks as though all of the vulnerabilities were related to either a specially crafted images or movies (a variety of formats...) Upgrade or use another viewer... Affected file formats are.... Jpegs, Flashpix,......
  • How Microsoft could patch VML vulnerability before October's patch day SO, there's the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft's advisory says that the most recent flaw will likely be patched on October's patch day ("unless the need arises...") So, what would trigger that need? Lot's of browsers being subjected to......
  • Microsoft August Updates Incidents.org has an initial list of the updates today from Microsoft, there is also a brief from Microsoft on the updates. It appears as though one is Powerpoint specific, another is Office releated, one is tagged as an Internet Explorer update and the rest Windows. More details later in the......
Blog Traffic Exchange Related Websites
  • Internal IT Security Threat Internal users continue to be the torn in system and security administrator's side. This is the case for many reasons. One, they have knowledge of the networking recourses. Two, they have credentials to access various systems on the network and third, most security controls defend against external entities as compared......
  • Microsoft Security Bulletin Summary for September 2010 - Issued: September 14, 2010 ******************************************************************** Microsoft Security Bulletin Summary for September 2010 Issued: September 14, 2010 ******************************************************************** This bulletin summary lists security bulletins released for September 2010. The full version of the Microsoft Security Bulletin Summary for September 2010 can be found at http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx. With the release of the bulletins for September 2010, this......
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site