Microsoft security roundup



OK – there have been a number of Excel problems floating around in the last week – week and a half. Securiteam blog has a FAQ on the Excel 0-day vulnerabilities with Excel and Excel Viewer Incidents.org kindly gives us a scoresheet documenting the three different vulnerabilities that have been recently exploited. I have not thoroughly read details, but suspect that avoiding opening unexpected xls attachments would likely be a GOOD preventative measure. If you take the attitude… “oh junk mail…. ooo attachment – wonder whats in there – let’s see…” then you’re likely already stuck by a few viruses.

The other bit of Microsoft security news is the update to the MS06-025 patch from last week (week before I believe.) It turns out the original patch broke (caused problems with) dialup. Given that there’s an updated update – be sure to patch because the underlying vulnerability IS being actively exploited. (Are we up to 3 patches in this year that have caused other issues and had to be re-released? I wonder if that indicates a shift in Microsoft’s patch cycle testing?)

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft warns against unofficial patch I didn't exactly expect a parade staged by Microsoft for the writer of the unofficial patch for this WMF vulnerability, but.... eweek tells us that Microsoft says "beware of unofficial WMF patch" It also mentions that behind the scenes Microsoft officials are furious that the threat has been overblown. Personally,......
  • Microsoft's unpatched security bugs George Ou at ZDnet is mystified (as many of us are) at why Microsoft can't patch ALL their security vulnerabilities. Most of the unpatched vulnerabilities are considered minor (as was the 6 month old bug that in the last week was discovered could be exploited for more than a Denial......
  • Fasten your seatbelts - Browser vulnerability a day to be announced in July I hope there aren't too many browser developers that have planned on taking July off..... I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This......
Blog Traffic Exchange Related Websites
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
  • Microsoft Security Bulletin Summary for September 2010 - Issued: September 14, 2010 ******************************************************************** Microsoft Security Bulletin Summary for September 2010 Issued: September 14, 2010 ******************************************************************** This bulletin summary lists security bulletins released for September 2010. The full version of the Microsoft Security Bulletin Summary for September 2010 can be found at http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx. With the release of the bulletins for September 2010, this......
  • Windows 7 Sales Spike to Overtake Mac OS X [/caption]Proving there is no accounting for taste Microsoft’s latest attempt at a decent operating system, Windows 7, is now running on 5% of the computers online.  The daily average of online users as measured by Internet metrics company Net Applications showed that an increase last week put Windows 7 above......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site