http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218500470 By Thomas Claburn InformationWeek July 14, 2009 Microsoft (NSDQ: MSFT) on Tuesday released six security bulletins addressing nine different vulnerabilities in its software as part of its monthly patch cycle. The July crop of patches includes three bulletins designated "critical" and three bulletins designated "important." Affected software includes Windows, Microsoft Office, Internet Security and Acceleration (ISA) Server, Virtual PC and Virtual Server. Two of the "critical" bulletins address vulnerabilities in the Microsoft's Video ActiveX Control and DirectShow component. Microsoft warned customers about these "browse-and-get-owned" vulnerabilities in July and May, respectively. "Today's release is important because patches were released for two recent zero-day attacks -- a QuickTime file parsing vulnerability and the recently announced DirectShow vulnerability," said Eric Schultze, CTO of Shavlik. "Both vulnerabilities are reported as being actively exploited on the Internet." [...] _______________________________________________ Attend Black Hat USA, July 25-30 in Las Vegas, the world's premier technical event for ICT security experts. Network with 4,000+ delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.comReceived on Tue Jul 14 2009 - 22:27:35 PDT
This archive was generated by hypermail 2.2.0 : Tue Jul 14 2009 - 22:37:46 PDT