iTWire - Security conferences trigger early release of Microsoft security patches

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Security conferences trigger early release of Microsoft security patches

Security conferences trigger early release of Microsoft security patches

E-mail

by Stephen Withers
Wednesday, 29 July 2009
Page 1 of 2 Rather than wait for August's Patch Tuesday, Microsoft has rushed out a pair of security bulletins ahead of the Black Hat and Defcon security conferences. Featured Whitepaper 5 Best Practices for Smartphone Support The out of cycle updates cover Visual Studio and Internet Explorer. The core of the problem lies in the Microsoft Active Template Library (ATL) distributed with Visual Studio. Visual Studio itself is not vulnerable, but controls and components built in Visual Studio using the ATL may be, depending on decisions made by the developer concerned. According to Microsoft officials, the security impact of the vulnerabilities in affected applications would be critical or moderate as they provide an opportunity for remote code execution. Updates are available for Visual Studio .NET 2003; Visual Studio 2005 and 2008; and the Visual C++ 2005 and 2008 Redistributable Packages. It is up to developers to create and distribute new versions of software that use the ATL. Among the resources Microsoft is offering to developers is a flow chart to help determine whether a particular ActiveX control is vulnerable. Microsoft has been working with the developers of widely used ActiveX controls to help them identify vulnerable items. The company has also reminded developers that it will set kill bits for their controls on request as part of a Microsoft Update. Kill bits will also be set in this way for vulnerable controls that are under attack if their vendor cannot be identified. What about Internet Explorer? See page 2. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking