IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Microsoft Fighting 11 Flaws On Tuesday
Search:
[ insider_reports_insider ]

Microsoft Fighting 11 Flaws On Tuesday



David Utter
Staff Writer
2006-10-06

SecurityProNews: Insider Reports Insider Reports RSS Feed


Every system and network administrator's favorite time of the month, the unofficially-celebrated Patch Tuesday, arrives next week with eleven patches ready to battle a host of vulnerabilities.

Patch vs. Flaws
Patch vs. Flaws

Critical issues will be addressed when October 10th rolls around with plenty of updates from Microsoft to keep admins busy and the various flavors of Microsoft's Automatic Update buzzing. Patches for the Windows operating system, the Office productivity suite, and one for the .NET Framework have been slated for release.

Actual details of what the patches will fix won't be discussed until those patches go online. That is customary for Microsoft's monthly patch process, due to the frightening speed with which malicious coders go after newly-disclosed flaws.

Quite a few of Microsoft's patches come from privately disclosed vulnerabilities, as reported to the company by responsible security researchers. When Microsoft makes its patches public, a race begins for people who want to exploit the flaws before end users can patch them on their systems.

The security advisory site Secunia has a couple of Microsoft vulnerabilities highlighted on its main page. They have rated both as Critical due to the potential for being exploited remotely.

Both issues will likely receive the familiar patch ministrations from Microsoft. One flaw in Windows, as reported by noteworthy hacker H D Moore, affects the WebViewFolderIcon ActiveX control (webvw.dll). A malicious website could exploit this through the Internet Explorer browser.

Another affects Internet Explorer, and the problem can be exploited by viewing a web page that passes certain code to the Microsoft Media Controls ActiveX control, daxctle.ocx. Microsoft's advisory contains a workaround.

A critical issue in Office stems from a PowerPoint vulnerability and reportedly has been making the rounds online. Recipients of PowerPoint presentations from unknown senders should not open them.

---
Tag:

Add to Del.icio.us | Digg | Yahoo! My Web | Furl

Bookmark SecurityProNews -



View All Articles by David Utter




About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2008 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds