Another month, another Windows patch - two, actually

Stephen Withers
Wednesday, 12 November 2008 01:53

Your IT - Home IT

Microsoft has released just two security bulletins this month. One is rated critical, the other important - but don't dally, because the company warns that exploits are likely.

The critical bulletin covers multiple vulnerabilities in XML Core Services. Affected software includes Windows 2000, XP, Server 2003, Vista and Server 2008, plus Office 2003, 2007, Expression Web (including version 2), SharePoint Server 2007 and Groove Server 2007.

The worst case scenario is that a maliciously crafted web page displayed in Internet Explorer could cause remote code execution.

The important bulletin relates to a single remote code execution vulnerability in the SMB protocol as implemented in Windows 2000, XP, Server 2003, Vista and Server 2008. It is a particular problem with XP, where it is common for SMB sharing to be enabled and administrator accounts are routinely used.

The update improves the validation of SMB authentication replies to prevent the replay of credentials.

Microsoft has warned that an XP exploit for this vulnerability is already publicly available.

The company has also updated the Malicious Software Removal Tool and the Windows Mail Junk E-mail Filter.