Four critical updates this Patch Tuesday

11 updates to be issued by Microsoft in October's monthly patch release: 4 critical.

Microsoft has prepared a total of 11 updates for the October round of its monthly patch release cycle, with four updates being rated 'critical'.

The four critical updates cover vulnerabilities in Active Directory, Internet Explorer, Microsoft HIS (Host Integration Server) and Excel. All the vulnerabilities could be exploited to execute arbitrary code from a remote source, hence their being given the highest rating.

In addition to the four critical updates, six more are rated 'important', while just one is assigned the lower rating of 'moderate'.

As always, users are advised to ensure they install updates as soon as possible to optimise security. More details on the release are in the advance notification, here.

Users are also warned to be wary of fake emails that have been circulating recently, which are designed to fool the recipient into believing they are from Microsoft and contain urgent updates, but which actually contain malicious code. While not crafted with a great deal of skill - for example including grammatical errors and referring to several versions of Windows which are no longer supported - their timing (to more or less coincide with the Patch Tuesday cycle) may be enough to fool unwary users. Microsoft, of course, never sends its updates as attachments to emails, and users are advised to receive updates through the Microsoft Update and Windows Software Update Services components or download directly from the Microsoft site.

14 October 2008

Tags: exploit, microsoft, patch tuesday, update, vulnerability. del.icio.us digg this

0 comments

December issue of VB published

The December issue of Virus Bulletin is now available for subscribers to download.

Worm targets MS08-067 vulnerability

Exploit attack patches flaw once system penetrated.

Microsoft to replace OneCare with free AV product

OneCare retirement announced, new product will be lighter on systems and pockets. (4 comments)

ICANN pulls plug on registrar favoured by cyber crooks

After a week's stay of execution, ICANN decides EstDomains will be terminated. (1 comment)

Disconnection of dubious provider sees spam levels plummet

Web-hosting firm believed to be responsible for 75% of spam.

News Archive

Calendar of Events

Polls

Poll

Should anti-virus software be free for personal use?

Leave a comment
View 46 comments

VB100 certification

The final VB100 of the year sees a double whammy of potential pitfalls for our comparative participants - the Vista operating system, which still seems shiny and new as well as a little scary (to both developers and users), as well as the x64 architecture, whose ostensible compatibility with standard 32-bit software belies oddities and intricacies that developers ignore at their peril. The announcement of the test brought a few surprises, as several regulars opted to skip this one, but the majority of veteran competitors took part as usual, along with several newer faces, many of whom look set to join the ranks of our regulars.
See full results.

Virus Bulletin currently has 144,550 registered users.

Fighting malware and spam

Four critical updates this Patch Tuesday

0 comments