If you don't use Auto Update and haven't checked for updates in the last 24 hours, you might want to do so.
This patch fixes 26 holes in security related to Microsoft Office and component programs, such as Excel, PowerPoint and Word. Redmond also released patches for vulnerabilities in Windows Messenger, Outlook Express and Windows Mail.
Read the Executive Summary here for a detailed description of each of the fixes.
http://voices.washingtonpost.com/securityfix/2008/08/microsoft_patches_26_security.html?nav=rss_blog
Microsoft Patches 26 Security Holes
Microsoft today released updates to fix at least 26 security vulnerabilities in its Windows operating systems and other software. At least 17 of those flaws earned Microsoft's "critical" rating, meaning they could be exploited to break into vulnerable systems with little or no help from the victim.
The 26 vulnerabilities are the most Microsoft has addressed since it had 25 in August of 2006, which also included 17 rated as critical, according to anti-virus firm Symantec.
Microsoft patched two holes in that have already been used in targeted attacks against people browsing the Web with Internet Explorer 6 and 7. In addition to those two fixes, one bundle of critical updates plugs five other security holes in Internet Explorer, most of which Microsoft said are present all versions of the browser.
Half of the flaws fixed in today's release were found in Microsoft Office and component programs, such as Excel, PowerPoint and Word. Redmond also released patches for vulnerabilities in Windows Messenger, Outlook Express and Windows Mail.
The updates are available through Microsoft Update or Automatic Updates. Office 2000 users can get Windows patches through either of those options, but will need to make a special trip to the Office Update page to grab the Office patches.
A patch-by-patch breakdown of today's updates is available from Microsoft, at this link here.
This update isn't just for Explorer, that's why I made sure to specify the other software it applies to. Lots of folks don't use IE but use the other software that is also affected by this security update.
Yes, and the other parts of MS software (like MS Outlook) are at least as prone to succumb to malicious code as IE is. Excellent alternatives exist for them as well.
0 Replies
DrewDad
3
Reply
Sat 16 Aug, 2008 03:08 pm
@fishin,
Quote:
I wonder when they are going to patch that great big hole that is Vista? lol
Turns out, people actually like Vista, as long as it's not called "Vista."
btw, I ran the Windows Update utility on both my laptop and desktop this afternoon - both came back with only one very minor (and optional) "fix" and that wasn't to address any vulnerabilities. There weren't any patches listed for any of my Office applications.
Stumble It!
Tweet This
Bookmark on Delicious
Share on Facebook
Share on MySpace