Microsoft August Updates



Incidents.org has an initial list of the updates today from Microsoft, there is also a brief from Microsoft on the updates. It appears as though one is Powerpoint specific, another is Office releated, one is tagged as an Internet Explorer update and the rest Windows. More details later in the day. Hopefully we can get more details from the technet security page when it’s updated.

Update…. Details time…


In addition to Sans (Incidents.org) having updated the first diary entry above… they have a good chart of upgrade priorities which distinguishes between system roles. Obviously Office vulnerabilities might not be a critical issue on a server, while a vulnerability that could allow for worm propogation is critical on everything.

There are non-critical non-security updates from Microsoft this month as well. (Junk mail filter for Outlook update, Infopath 2003, Malicious software removal tool.) US-CERT has information on active in the wild exploitation of at least one of the vulnerabilities. The most critical of the vulnerabilities is MS06-040 which is a vulnerability in the server service and has been reported as the most likely to be exploited by a worm or self-replicating virus.

The security Fix get’s into the details as well. Brian notes that the updates patch 23 flaws, one of the oldest Internet Explorer related flaws was reported in 2004. Also, he reminds that for Office 2000 users, they will have to manually check for updates.

Several that post on the Security Fix site have asked about any known problems with the updates. That is not yet known, however in recent months there have been problems with at least one update a month it seems. Let’s hope that MS06-040 is one that they got right the first patch.

Related Posts

Blog Traffic Exchange Related Posts
  • The security of remote tech support (ultravnc sc or x11vnc with wrapper script) Well, I've got a nice way of doing "easy" one click (or one cut and paste) light desktop support for windows or linux, one uses ultravnc sc, the other uses x11vnc with a special wrapper script. So, what security flaws are there in this process? Well, for starters, I see......
  • Microsoft fixes security fix.... Well, for the second month in a row (I don't recall one in March..) Microsoft has re-released a patch for Windows. This time it's the Flash patch (which really falls under 3rd party software). They've re-worked the version detection of the update in an attempt to solve all the problems......
  • October Microsoft update advance notice.... 11 patches will be released by Microsoft on the 10th of October. Bulletin is here, 6 for windows, 4 for Office (at least one in each of those two batches is critical) and 1 .NET (moderate) - yes the Windows updates will likely require a restart. Betanews has a bit......
Blog Traffic Exchange Related Websites
  • My Prosper Internal Rate of Return Update (End of August 07) = 2.75% This is a RateLadder only IRR update. (An IRR lender “game” update is in the works.) I was involved with my first default debt sale.  I sold 1 AA loan for 25% of prinicpal. Here is my permanent tracking page: http://rateladder.com/my-prosper-irr/ My Prosper IRR is defined as: Monthly cash flows......
  • Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site