iTWire - Patch Tuesday brings critical Windows updates - and more

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Patch Tuesday brings critical Windows updates - and more

Patch Tuesday brings critical Windows updates - and more

E-mail

by Stephen Withers
Wednesday, 15 July 2009
Page 1 of 2 Microsoft has patched nine vulnerabilities in Windows, Office, Virtual PC and Virtual Server. Featured Whitepaper 5 Best Practices for Smartphone Support As expected, Microsoft released six security bulletins on July's Patch Tuesday. A total of nine vulnerabilities have been addressed. Three of the bulletins - all rated as critical as they allow remote code execution - apply to various versions of Windows. The well-publicised DirectShow vulnerabilities are addresses for Windows 2000, XP and Server 2003. Vista and Server 2008 are not affected. The issue allows maliciously crafted QuickTime movie files to trigger the execution of remote code with the same privileges as the current user. Apple's QuickTime software is not involved and need not be installed for the flaw to be exploited. Exploits for at least one of the DirectShow vulnerabilities are in the wild. A pair of vulnerabilities in the Embedded OpenType (EOT) Font Engine affect all currently supported versions of Windows other than Server 2008 server core installations. EOT files can be used by Internet Explorer and Microsoft Office, among other applications. Microsoft warns that exploits could allow complete control of a system, including the creation of new accounts with full rights. The third bulletin concerns another issue that is being actively exploited. An update for Windows XP and Server 2003 sets a kill bit to prevent the exploitation of a vulnerability in the Microsoft Video ActiveX Control. Although Vista and Server 2008 are not affected by the vulnerability, Microsoft recommends the update for those systems as a "defense-in-depth measure". The update is cumulative - that is, it includes previously released ActiveX kill bits. (This leaves a more recent ActiveX issue for a subsequent Patch Tuesday unless Microsoft decides to rush out an out-of-cycle update.) Please read on for information about the Office and Virtual PC/Virtual Server issues - and more. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking