Compared with previous Patch Tuesdays, November's version was quite small with Microsoft releasing only two patches for the Windows operating system: one rated critical and the other important.
The critical patch addresses an issue with how the Windows shell handles URIs. A specially crafted URI could allow an attacker to execute arbitrary code due to an error in the way it is validated. Currently the issue has only been identified to be exploitable through Internet Explorer 7. However, the actual flaw itself is in a shell DLL, which can be found in Windows XP and Server 2003.
Security firm Qualys noted that several patches that address a similar issue within other applications shows that this is likely not limited to IE7. The company also identified Mozilla and Adobe products as being potentially vulnerable. The second patch repairs an 'important' flaw in how Windows handles DNS. A spoofing vulnerability exists where a specially crafted response to a DNS request could redirect legitimate traffic to sites with less than legit purposes, Microsoft said in an advisory.
View: Full Article @ Betanews
The critical patch addresses an issue with how the Windows shell handles URIs. A specially crafted URI could allow an attacker to execute arbitrary code due to an error in the way it is validated. Currently the issue has only been identified to be exploitable through Internet Explorer 7. However, the actual flaw itself is in a shell DLL, which can be found in Windows XP and Server 2003.
Security firm Qualys noted that several patches that address a similar issue within other applications shows that this is likely not limited to IE7. The company also identified Mozilla and Adobe products as being potentially vulnerable. The second patch repairs an 'important' flaw in how Windows handles DNS. A spoofing vulnerability exists where a specially crafted response to a DNS request could redirect legitimate traffic to sites with less than legit purposes, Microsoft said in an advisory.
View: Full Article @ Betanews
http://x264.nl/vista_update.jpg
http://x264.nl/vista_updates_failed.jpg
Its rather annoying and makes vista feel so insecure.
Edit to below:
Well as you can see, some updates were installed successfully according to windows, but they are in the updates list again
Last edited by bob0r on 14 Nov 2007 - 10:50
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.