Microsoft has released its May set of security patches, fixing critical bugs in Word, Excel, Windows, Office, Internet Explorer, Exchange and the CAPICOM cryptography technology used by BizTalk Server.
Microsoft rates all seven groups of the updates as critical, but security experts said that IT administrators should be particularly concerned with the MS07-026 and MS07-029 updates, which fix flaws in Exchange and the Windows DNS server. The Exchange update fixes previously undisclosed flaws in Microsoft's messaging software that could be exploited to seize control of the server. Hackers could potentially install unauthorized software on the server simply by sending it a maliciously crafted e-mail message. Unlike the Exchange bugs, the flaw in Windows' DNS server flaw has been known for about a month and therefore attackers have already developed code that exploits the flaw. The problem affects Windows 2000 and Windows Server 2003 systems, which can be tricked into running unauthorized software when an attacker sends them maliciously encoded RPC packets to the DNS server.
News source: InfoWorld
Microsoft rates all seven groups of the updates as critical, but security experts said that IT administrators should be particularly concerned with the MS07-026 and MS07-029 updates, which fix flaws in Exchange and the Windows DNS server. The Exchange update fixes previously undisclosed flaws in Microsoft's messaging software that could be exploited to seize control of the server. Hackers could potentially install unauthorized software on the server simply by sending it a maliciously crafted e-mail message. Unlike the Exchange bugs, the flaw in Windows' DNS server flaw has been known for about a month and therefore attackers have already developed code that exploits the flaw. The problem affects Windows 2000 and Windows Server 2003 systems, which can be tricked into running unauthorized software when an attacker sends them maliciously encoded RPC packets to the DNS server.
News source: InfoWorld
Patch Download
Microsoft Security Bulletin MS07-029
Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966)
http://www.microsoft.com/technet/security/...n/ms07-029.mspx
makes you feel like your running around publicly with no pants on. lol
You say that like its a bad thing?
You say that like its a bad thing?
Ok...scrap that reference.
lets see... makes you feel like you accidentally walked into the Blue Oyster Bar in the police academy movies with no pants. lol and your straight.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.