EmailSafety.net - Microsoft fixes IE, Office in big month of security updates

Microsoft fixes IE, Office in big month of security updates

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Recent News

Microsoft released patches to fix 19 critical vulnerabilities in its software Tuesday, including five flaws in its Internet Explorer browser that security experts advise IT administrators to patch immediately.

The total of 11 security updates released for August is the largest round of Patch Tuesday updates Microsoft has released since last February and should give IT administrators plenty to do to secure their companies' systems. "People are going to be quite busy with this load," said Jason Miller, security data team leader for Shavlik Technologies, a patch-management software provider in St. Paul, Minnesota.

Six of the patches, which can be found on Microsoft's Web site, are rated as critical, while five are rated as important.

Miller and other security experts cited Microsoft Security Bulletin MS08-045, a Cumulative Security Update for Internet Explorer, as the top priority among this month's batch of updates. The update patches five privately reported vulnerabilities and one that already has been disclosed publicly and for which attack code already exists, which makes it a zero-day flaw.

Related Content

Don Leatham, director of solutions and strategy for Lumension Security, said the fact that the IE vulnerabilities affect HTML (Hypertext Markup Language) is enough reason to make patching them of the utmost importance, since the opportunity for exploitation is so vast. "Every Web site in the world uses HTML," he said. Lumension, based in Scottsdale, Arizona, provides patch- and vulnerability-management software and services

Shavlik's Miller said that the IE patches and another critical update released Tuesday that fixes a vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access -- MS08-041 -- are related because they both allow an attacker to create a Web site that takes advantage of these vulnerabilities. He listed them both as priorities for immediate installation.

Leatham also cited the Snapshot Viewer exploit as a high priority for IT administrators because many businesses use Access and its Snapshot Viewer tool extensively.

"You can be assured people are using the viewer to share information with partners, customers and internally given the popularity of the Office suite and how much businesses tend to use Access," he said.

The IDG News Service is a Network World affiliate.

Recent News:

· Feds draw a bead on Russian behind Mega-D botnet
· Ransomware Attack Resurfaces to Hold Files Hostage
· Adobe Reader X Makes PDF Files Safer
· PayPal Users Beware of Holiday Phishing Scam
· McAfee Reports Malware at All-Time High

Site Map | Recent News | Related Sites