[ insider_reports_insider ]
XML Fix Ready For Patch Tuesday
David Utter
Staff Writer
2006-11-10
 Insider Reports RSS Feed
Microsoft's monthly patch release date will see the company provide a fix for a zero-day exploit affecting a Critical issue with its XML Core Services, along with repairs for other problems.
 | | "patch-work" |  |
The exploitable flaw in Microsoft's XML Core Services will receive the necessary ministrations from the engineers in Redmond. Unofficially but universally referred to as Patch Tuesday, the second Tuesday of the month sees Microsoft release updates for pending issues.
Their latest advance notice of the forthcoming security bulletins also noted that five additional fixes for Windows have been slated for a Patch Tuesday release.
We will be surprised if a patch for an ActiveX control flaw in daxctle.ocx is not part of next week's bounty of fixes from Microsoft. The issue with the DirectAnimation Path ActiveX Control had been publicized in mid-September, but was not among the October repairs Microsoft released.
The XML Core vulnerability has the potential to affect a broad number of users as it is exploitable through Internet Explorer. It was discovered as a zero-day exploit, and malicious code affecting it has been seen online.
Microsoft noted in their Security Response blog that they were aware of limited attacks targeting the vulnerability. However, a malicious party would have to entice someone using Internet Explorer to visit a webpage crafted to exploit the issue.
---
Tags: Microsoft, XML Core
Add to  Del.icio.us |  Digg |  Reddit |  Furl
Get all the updates - 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
