Four Microsoft security patches due next week

Microsoft plans to fix critical bugs in its Word, Publisher, and Jet database software next week.

The software vendor also plans to release a less-critical update for its antivirus products, fixing a flaw that attackers could use to launch a denial of service attack against products such as Windows Live OneCare and Microsoft Forefront Security.

The updates will be released Tuesday, the day set aside for Microsoft's monthly set of security patches. Microsoft provided some early details on the patches Thursday, in a note on its Web site. Microsoft considers flaws to be critical when they could be exploited by attackers in order to run unauthorized software on a victim's system.

Although Microsoft's note does not describe the bugs in detail, it looks like the company is planning to fix a known bug in the Jet database engine, which was disclosed in late March. Attackers had figured out a new way to launch a malicious Jet file using Microsoft Word, Microsoft warned in a blog posting.

View: Full Article @ InfoWorld

Report a problem with article
Previous Story

Microsoft: Windows Vista sales "rapid" at 140m copies

Next Story

Emo on the web: exploring a subculture

4 Comments

Commenting is disabled on this article.

'Blog post'
...we have already shipped [the updated msjet40.dll] in Windows Server 2003 SP2, Windows Vista, and it is included in beta versions of Windows XP SP3

For a moment there I thought we were going to get MDAC 2.9, but it turns out most of the machines I manage are already patched...

There is no MDAC 2.9 Probably never will be, either.
Current version for XP/2k3 is 2.8 SP2, while Vista has it's own variant of that (numbered 6.0 for no particular reason.)

There's probably not going to be an major MDAC update until at least Windows 7, although minor updates or hotfixes are always a possibility.