Four Microsoft security patches due next week
Posted by Steven Parker on 09 May 2008 - 09:47 · 4 comments & 3326 views
About the Author
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(1 reply)
#1 Posted by magik on 09 May 2008 - 13:37
- Their antivirus software has a DoS vulnerability? Man...
-
#1.1 Posted by soldier1st on 09 May 2008 - 16:07
- (magik said @ #1)Their antivirus software has a DoS vulnerability? Man...
not surprising as it is complete garbage.
-
(1 reply)
#2 Posted by +mrbester on 09 May 2008 - 16:14
- 'Blog post'...we have already shipped [the updated msjet40.dll] in Windows Server 2003 SP2, Windows Vista, and it is included in beta versions of Windows XP SP3
For a moment there I thought we were going to get MDAC 2.9, but it turns out most of the machines I manage are already patched... -
#2.1 Posted by Airlink on 12 May 2008 - 05:42
- There is no MDAC 2.9 Probably never will be, either.
Current version for XP/2k3 is 2.8 SP2, while Vista has it's own variant of that (numbered 6.0 for no particular reason.)
There's probably not going to be an major MDAC update until at least Windows 7, although minor updates or hotfixes are always a possibility.
The software vendor also plans to release a less-critical update for its antivirus products, fixing a flaw that attackers could use to launch a denial of service attack against products such as Windows Live OneCare and Microsoft Forefront Security.
The updates will be released Tuesday, the day set aside for Microsoft's monthly set of security patches. Microsoft provided some early details on the patches Thursday, in a note on its Web site. Microsoft considers flaws to be critical when they could be exploited by attackers in order to run unauthorized software on a victim's system.
Although Microsoft's note does not describe the bugs in detail, it looks like the company is planning to fix a known bug in the Jet database engine, which was disclosed in late March. Attackers had figured out a new way to launch a malicious Jet file using Microsoft Word, Microsoft warned in a blog posting.