Microsoft Patches Critical Vista SP1 and XP SP3 Vulnerabilities
section: windows, for your questions: KezNews forum, 10.12.2008
Tip: Click here to update all your PC's outdated driversIt's patching time yet again for Microsoft, as the software giant made available no less than eight security bulletins on December 9, 2008, designed to plug vulnerabilities in a range of products including Windows Vista Service Pack 1 and Windows XP Service Pack 3.
A total of six update packages are labeled with a maximum severity rating of Critical, with the remaining two considered just Important. With the eight security bulletins, Microsoft has patched 28 vulnerabilities, the most massive volume of holes since 2003.
In addition to Windows Vista SP1 and Windows XP SP3, the Redmond company indicated that a range of its software products were impacted by the December 2008 security bulletins, including additional Windows client and Server operating systems, but also Internet Explorer, Windows Media Player, various versions of the Office System including Office 2007 SP1 and Office 2008 for Mac, SharePoint Server, Office Word and Excel Viewer, also Visual Basic, and even Search Server.
Microsoft revealed that a single bulletin was set up to patch vulnerabilities for which exploit code was already available in the wild. Still, patches are, indeed, already available for security holes in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls), which can be exploited in the wild.
Windows Vista, including editions with SP1, are affected by 4 Critical, 2 Important, and 1 Moderate vulnerabilities, while Windows XP, even with SP3, is impacted by 2 Critical, 1 Important, and 2 Moderate security flaws.
Christopher Budd, security program manager, Microsoft Security Response Center, enumerated the December 2008 security bulletins releases:
· MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) that is rated “Critical;”
· MS08-071: Vulnerabilities in GDI Could Allow Remote Code Execution (956802) that is rated “Critical;”
· MS08-072: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) that is rated “Critical;”
· MS08-073: Cumulative Security Update for Internet Explorer (958215) that is rated “Critical;”
· MS08-074: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) that is rated “Critical;”
· MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349) that is rated “Critical;”
· MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807) that is rated “Important;”
· MS08-077: Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175) that is rated “Important.”
source:
news.softpedia.com
>> Click Here to Run a Free Scan for PC Errors <<
Send link 2 friend | Permalink
MORE RELATED ARTICLES:
Windows 7 RTM Safe from Vista and XP Critical Vulnerabilities || Vista SP2 and XP SP3 June 2009 Patches ISO Image Available || No Critical Patches for Vista SP2 || Microsoft patches critical Windows kernel flaw || Expression Blend 3 Preview for Vista SP1 and XP SP3
Comments(2)
legit vista home premium now showing
'evaluation copy' on desktop above clock.
currently in email contact with a joyce l. from m$
to try to resolve issue
vista does pass all genuine tests but still showing 'evaluation copy'
[no solution as yet]
thanks m$
seems it's due to my sp2 beta
given option to roll-back to sp1
if i choose
[then that evalution copy notice will disappear]
No new comments are allowed for this article.
For your questions use our KezNews Forum
Windows 7 RTM 7600.16385.090713-1255 HERE !
WGA problem with these updates
By GrandPa on 11.12.2008 - 18:12