Microsoft August Updates



Incidents.org has an initial list of the updates today from Microsoft, there is also a brief from Microsoft on the updates. It appears as though one is Powerpoint specific, another is Office releated, one is tagged as an Internet Explorer update and the rest Windows. More details later in the day. Hopefully we can get more details from the technet security page when it’s updated.

Update…. Details time…


In addition to Sans (Incidents.org) having updated the first diary entry above… they have a good chart of upgrade priorities which distinguishes between system roles. Obviously Office vulnerabilities might not be a critical issue on a server, while a vulnerability that could allow for worm propogation is critical on everything.

There are non-critical non-security updates from Microsoft this month as well. (Junk mail filter for Outlook update, Infopath 2003, Malicious software removal tool.) US-CERT has information on active in the wild exploitation of at least one of the vulnerabilities. The most critical of the vulnerabilities is MS06-040 which is a vulnerability in the server service and has been reported as the most likely to be exploited by a worm or self-replicating virus.

The security Fix get’s into the details as well. Brian notes that the updates patch 23 flaws, one of the oldest Internet Explorer related flaws was reported in 2004. Also, he reminds that for Office 2000 users, they will have to manually check for updates.

Several that post on the Security Fix site have asked about any known problems with the updates. That is not yet known, however in recent months there have been problems with at least one update a month it seems. Let’s hope that MS06-040 is one that they got right the first patch.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft October 2006 patch Tuesday The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of......
  • Big Windows June update day Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of......
  • The security of remote tech support (ultravnc sc or x11vnc with wrapper script) Well, I've got a nice way of doing "easy" one click (or one cut and paste) light desktop support for windows or linux, one uses ultravnc sc, the other uses x11vnc with a special wrapper script. So, what security flaws are there in this process? Well, for starters, I see......
Blog Traffic Exchange Related Websites
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • 3 steps Forward.... I scored a new computer! A slightly used Dell Server, big, as in VERY BIG, desktop tower. It's running Windows XP, and soon will dual boot with Ubuntu Linux (I may get a second harddrive and see what's possible by way of a 'hackintosh' for a 3rd OS)! I missed......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site