Microsoft October 2006 patch Tuesday



The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of 15 issues covered by those four. Powerpoint, Excel, Word and Office/Publisher there are a variety of exploits, some public (like the powerpoint) others that were privately reported. Also, Incidents.org gives a nice summary of the advisories and the severity of each (urgency of updating.) The setslice vulnerability is patched in this batch by the way.


Unfortunately, this patch day has already had it’s share of problems Zdnet reports the following….

“Due to technical difficulties experienced on the Microsoft Update platform, security updates released today are not currently available via Microsoft Update, Automatic Updates, Windows Server Update Services or Windows Update v6,”

Which explains why the workstation that I led to windows update this afternoon saw that there were 0 new updates available….

Brian Krebs at the Security fix has a few good points as well… Two of these updates affect Vista. Also, among the Office updates, they are most critical on Office 2000, which is not serviced by automatic updates and so Office 2000 users SHOULD VISIT OFFICE UPDATE…. office.microsoft.com/en-us/officeupdate/

These days the focus of crackers seems to be client applications and the distribution of updates seems to reflect that. (Which makes it all the more important that even Office 2000 users get their updates.)

   Send article as PDF   

Similar Posts