and they affect no fewer than 18 issues in Office and Windows. 13 issues are tagged as critical, others as important. They are all bundled into 7 update downloads. 8 vulnerabilities within Excel have been addressed in all of this. Office 2000 users will have to manually update (Office XP/2003 updates can be brought in through Microsoft Update.) It looks like the flaw I found most interesting was a remote code execution vulnerability in the DHCP client… .(Affects 2000/xp and 2003).
Tag: updates
-
Product Reviews
From time to time I’ve done product reviews on this site and I’m getting ready to do a first impression review on something else. I’d like to take a step back though and give you my thoughts on product reviews in general and their value (or lack thereoff…) I usually take product reviews in a magazine with a grain of salt for a number of reasons. One of those reasons is who pays their advertising bills, maybe the editorial board of a publication is fond of a certain product for financial reasons…. also, they usually get the sample for free, so there’s a disconnect in the VALUE assessment of a product…
-
The end for Windows 98 may be a boost to linux?
There are articles out about the demise of official Windows 98 and ME support would be a boost to linux uptake. Realistically, I suppose it may, but I personally am not holding my breath. Here’s why. 1) The people still running Windows 98/ME are likely doing so because that’s what came with their PC. There is a common perception that ~6 is a point where they might replace it anyway with a new pc. 2) IF you’re running Windows98 on original equipment (as opposed to someone that opted for 98 instead of xp on a slightly newer system, or has upgraded from the original equipment.) You might be frustrated with the performance of MOST linux distributions on your equipment. Let’s face it, linux can run on most anything, but most of the distributions that people HEAR about focus on newer hardware….
-
7 Updates coming from Microsoft in July
We can expect 7 updates next week from Microsoft on the monthly patch day for July. Four of the updates will be for Windows, and 3 for Microsoft Office. There will be at least one critical update for each. It’s expected that we’ll see an update for the Excel issues that have been talked about the last few weeks. There are a number of publicly known Internet Explorer vulnerabilities, but it’s not known if Microsoft has prepared patches for those yet. It should be noted that many times 1 patch will cover a number of issues. This is commonly seen with Internet Explorer cumulative updates where several vulnerabilities are addressed with one update.
-
Windows 98 and ME in final days of support (6 by my count)
July 11th will mark the end of Microsoft’s support for Windows 98 and ME. Which means that there will be no further security updates for those systems after that date. In SOME ways, those systems may find comfort in the security through obscurity approach as much malware MAY not run on those systems, but that’s kind of a risky angle to play. For those that are willing to experiment…
-
Fasten your seatbelts – Browser vulnerability a day to be announced in July
I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
-
Exploit in the wild for Apple vulnerability
A couple days ago there was a release of Mac OS X 10.4.7 which addressed several security flaws. There is now an exploit published for one of these vulnerabilities. The attacker using this exploit could gain remote root (administrator) access to the machine. So, don’t delay any further on patching. No system is a fortress if the administrator doesn’t keep up with security updates……
-
OpenOffice.org security update
Version 2.0.3 of OpenOffice.org has been released. It includes quite a few bugfixes, including three security related fixes. The security vulnerabilities were apparently found in an internal audit. One of the improvements in 2.0.3 is an integrated update check, to be able to check for available updates directly from within OpenOffice. I think this is an important area to be improved.
-
Apple Mac OS X updates
There are several issues fixed by a bundle of updates for OS X (for 10.4 up to 10.4.6). The new release is 10.4.7 There are a number of issues fixed in addition to at least 3 security related problems. Incidents.org has more details. I know many Mac users feel the “aura of invincibility”, but…. keeping your OS updated is important no matter what Operating system you use…. mac, windows, linux, bsd, etc.
-
Adobe Acrobat security update for Mac, Windows
Adobe has released updates to Acrobat Reader for Windows and Mac systems. I don’t see any mention of linux in the advisories, but I do see that the linux version available for download is now 7.0.8 as well (which is the same as the Mac/Windows versions.) *(Apparently they’re pushing more Yahoo! integration in this release as well.)