Microsoft fixed six vulnerabilities which are critical for Windows, Word, Publishers and Anti-Virus software.
First up on the critical list is a Microsoft Word patch, an update resolving what the software giant said were “two newly discovered and privately reported vulnerabilities” in the popular application that could allow hackers to deploy remote code execution (RCE) exploits through a maliciously crafted Word file. If successful, when a user clicks on the file, a hacker would be able to install, view, edit, change or delete capabilities when it comes to data. The intruder could also create new accounts and adjust user profiles for elevated privileges on the workstation and, by extension, the network.
The second patch patches a vulnerability in several versions of Microsoft Publisher, the company’s consumer and small business-grade desktop publishing program. Although Microsoft designated the fix as critical, Amol Sarwate , the manager of Qualys Inc.’s vulnerability research lab, downplayed the patch as nothing new. “This is just another of the kind we’ve seen in the past year where client-side applications are being targeted,” he said.
Meanwhile, the third patch, involving the Jet Database Engine — in many processing environments, the foundation for Windows products and applications on the OS — is probably the most vital of the critical patches. Security administrators, systems administrators, and even database and network administrators would all do well to pay attention to this bulletin as well as monitor the results after installation.
Lastly, the lone moderate patch, while not critical, deals with a potential denial of service hack that can lock administrators and users out of Windows Live OneCare, Microsoft Antigen, the Windows Defender security program, Forefront and the Standalone System Sweeper.
According to Redmond, two of the four patches will require a restart of the system after installation.
Source: Redmond Channel partner
Filed under
Enterprise Software,
Service Pack and Patches | Tags:
Jet Database engine,
Microsoft,
MS08-026,
MS08-027,
MS08-028,
MS08-029,
Patch | Comment Below
Related?
Microsoft Fixed Blaster Worm AttackJanuary 14th, 2008 Microsoft patches a critical flaw in the Windows operating system that could be used by criminals to create a self-copying computer worm attack. The software vendor released its first set of patches for 2008 on Tuesday, fixing a pair of networking flaws in the Windows kernel.
Microsoft Announces Three Critical PatchesJune 6th, 2008 Microsoft plans to announce seven fixes for its upcoming June 10 issue of Security Bulletin. Three out of Seven are critical patches.
Oracle, Microsoft, RIM Released Impotant PatchesJanuary 13th, 2009 Oracle is supposed to release the update of critical patches on Tuesday. It includes 41 security patches in its database and enterprise software products.
Apple's DNS Server still VulnerableAugust 4th, 2008 Apple released patches for 17 different flaws of its Mac OS X server. But, as per latest research the patch didn't do anything.
Windows XP SP3 Coming on April 29 for DebutApril 15th, 2008 Although, Microsoft didn't say anything officially, according to the tech site, Neowin, Microsoft's release schedule for XP SP3 is as follows:
April 14, 2008: Support is available for the release version of Service Pack 3 for Windows XP
April 21, 2008: Original Equipment Manufacturers, Volume License, Connect, and MSDN and TechNet subscribers
April 29, 2008: Microsoft Update, Windows Update, Download Center
June 10, 2008: Automatic Updates
Windows XP is seen as a relatively "lightweight" and better-performing alternative to Windows Vista. However, there are some grey area in XP and SP3 promises to give it further boost.
Azure, Microsoft Windows Version to Offer Cloud Computing for DevelopersOctober 31st, 2008 Microsoft recently announced the availability of new OS platform Windows Azure at the start of Microsoft's Professional Developer Conference. Windows Azure will to provide service hosting and management, low-level scalable storage, computation and networking.
Automatic Update for Office 2007 sp1 to be Available in JuneMay 11th, 2008 Last December, Microsoft rolled out Service Pack 1 , a total of 320 MB. The update includes fixes for 455 issues throughout the entire Office suite.
Windows 7 Enterprise Edition is Less than 3 months Away for Microsoft Subscription CustomersJuly 14th, 2009 Microsoft senior VP Bill Veghte said that Enterprise customers who subscribed to any of a number of Microsoft's Volume Licensing programs can access Windows 7 on Sept 1. The consumer version is going to be available on October 22nd.
