[ISN] Microsoft Fixes Nine Vulnerabilities In July Patch

From: InfoSec News <alerts_at_private>
Date: Wed, 15 Jul 2009 00:27:35 -0500 (CDT)
http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218500470

By Thomas Claburn
InformationWeek
July 14, 2009

Microsoft (NSDQ: MSFT) on Tuesday released six security bulletins 
addressing nine different vulnerabilities in its software as part of its 
monthly patch cycle.

The July crop of patches includes three bulletins designated "critical" 
and three bulletins designated "important."

Affected software includes Windows, Microsoft Office, Internet Security 
and Acceleration (ISA) Server, Virtual PC and Virtual Server.

Two of the "critical" bulletins address vulnerabilities in the 
Microsoft's Video ActiveX Control and DirectShow component. Microsoft 
warned customers about these "browse-and-get-owned" vulnerabilities in 
July and May, respectively.

"Today's release is important because patches were released for two 
recent zero-day attacks -- a QuickTime file parsing vulnerability and 
the recently announced DirectShow vulnerability," said Eric Schultze, 
CTO of Shavlik. "Both vulnerabilities are reported as being actively 
exploited on the Internet."

[...]


_______________________________________________      
Attend Black Hat USA, July 25-30 in Las Vegas, 
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Tue Jul 14 2009 - 22:27:35 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 14 2009 - 22:37:46 PDT