Microsoft to Issue 11 Security Patches

[Slimy]

On October 10, Microsoft will issue 11 security bulletins as part of this month's Patch Tuesday. Six of the updates affect Windows, with the highest severity being "critical." Another four patches will cover Microsoft Office, also with critical severity, while a moderate fix is slated for the .NET Framework.

Among the fixes will likely be a patch for the WebViewFolderIcon ActiveX control, which is part of the Windows Shell. An exploit has surfaced for a vulnerability in the control that could result in an attacker gaining the same user rights as a local user. Unlike with the VML fix, Microsoft has waited to patch the WebViewFolderIcon flaw, saying it was unaware of any actual attacks taking place.

Source

On 10 October 2006 Microsoft is planning to release:

Security Updates

• Six Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.

• Four Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.

• One Microsoft Security Bulletin affecting Microsoft .NET Framework. The highest Maximum Severity rating for this is Moderate. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool

• Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

Note that this tool will NOT be distributed using Software Update Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

• Microsoft will release No NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).

• Microsoft will release two NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Source

Edited October 5, 2006 by slimy

[someware]

honestly: this is starting to get annoying.... it seems we are constantly updating lol

I am glad they are working on patches though, hopefully with Vista they have taught their programmers how to secure code... either way i'm waiting until SP1 or some great game :p before I purchase Vista

[L3thal Veteran]

Keep them coming (Y)

[Jeev]

honestly: this is starting to get annoying.... it seems we are constantly updating lol

I am glad they are working on patches though, hopefully with Vista they have taught their programmers how to secure code... either way i'm waiting until SP1 or some great game :p before I purchase Vista

Annoying? "hopefully with Vista they have taught their programmers how to secure code"?

It's comments like that that **** me off because people can be ignorant enough to think that the most commonly used piece of software in the world can be perfect. Also Windows is the most complicated software engineering project ever attempted by humankind.

[sarcasm] Why don't you step into Linux or Mac OS... i've heard they are bug free and perfect.. but the rest of the world just hasn't clued in yet. [/sarcasm]

Just my 2 cents...

[boogerjones]

I also agree that it's a little annoying. What's worse is when we have to update the Windows Update or Microsoft Update software. Hopefully Vista's integrated update system won't need to be updated/restarted like XP's did on several occasions.

It's comments like that that **** me off because people can be ignorant enough to think that the most commonly used piece of software in the world can be perfect.

"Sloppy" and "not perfect" are not the same thing. And let's all be honest with each other: Vista is going to have exactly the same problem. Hopefully it will just be a little easier to update. Namely, we should be able to EASILY integrate individual updates into a Vista CD image. It sounds like that will be possible, but that doesn't mean it will be easy.

[Jeev]

Yes.. Vista will be FAR from perfect. I just hope they patch things up quickly and release service packs more often than they are for XP. I would rather have a constant stream of updates that address the known issues.. than have them mark bugs as "not going to fix".

And Vista setup does check windows update for updates before it installs. So that makes it a lot easier for end users to update.

[Miuku.]

[sarcasm] Why don't you step into Linux or Mac OS... i've heard they are bug free and perfect.. but the rest of the world just hasn't clued in yet. [/sarcasm]

You know what the difference is? You can patch a Linux system without having to restart the entire system - also the patching system in most distributions is faster, better and more easily controllable than MS patching system.

Yes, MS could learn from here and there.

[markwolfe Veteran]

^^^ Jeev was just trolling. No one mentioned Mac or Linux until he did, with such rancor.