Another big month for Microsoft security patches

Stephen Withers
Wednesday, 10 December 2008 01:15

Your IT - Home IT

The trick would be to use one vulnerability to fool Windows Media components into thinking they are talking to a server in the Intranet zone, then the other to perform a reflection attack to gain access to the targeted system.

The December updates are available for:

Windows 2000, XP, Server 2003, Vista, and Server 2008;

Internet Explorer 5.01, 6, and 7;

Windows Media Player 6.4;

Windows Media Format Runtime 7.1, 9.0, 9.5, and 11;

Windows Media Services 4.1, 9, and 2008;

Office 2000, 2002, 2003, 2004, 2007, 2008, and associated viewers and converters;

Works 8;

FrontPage 2002;

Project 2003 and 2007;

SharePoint Server 2007;

Visual Basic 6.0, 2002, 2003;

Visual FoxPro 8.0 and 9.0; and

Search Server 2008.

As usual, Microsoft released updated versions of the Malicious Software Removal Tool and the Windows Mail Junk E-mail Filter.

There's also a Vista update for compatibility with the HP Digital Imaging Monitor, and a daylight saving update for Windows XP, Vista, Server 2003 and Server 2008.