Microsoft will be releasing a security patch to address a vulnerability in ASP.NET documented in security advisory 2416728, “Vulnerability in ASP.NET Could Allow Information Disclosure.” The bulletin lists just about every still supported desktop and server OS along with what appears to be every still supported .NET version. Read more »
Microsoft Patch Tuesday for July 2007
It’s the second Tuesday of July and that means patches from Microsoft. This month brings six patches, three rated critical, two important, and one moderate. Only five of the patches (and only two of the critical patches) are for desktops. The sixth patch only affects server operating systems. Windows Vista also gets its own unique [...] Read more »
Microsoft Patch Tuesday for June 2007
Microsoft released six security patches today. Four of them were rated critical, one important and one moderate. There are patches for all supported desktop OS platforms, Internet Explorer, a couple mail apps and for a couple versions of Visio. There aren’t any Office patches. The four critical desktop patches are: MS07-031 for Windows XP SP2, [...] Read more »
Symantec: Hackers Can Bypass Firewall With Windows Update
Symantec has been in the news recently for saying Microsoft’s Windows Update can be used to update malware. Specifically, for using BITS (Background Intelligent Transfer Service) to update itself. Some took the headline view when they posted about the story and gave the impression that Windows Update was vulnerable. It makes good headlines to say [...] Read more »
May 2007 Patch Tuesday
Microsoft released five critical security bulletins for desktop software today. In line with a growing trend, 3 of the 5 were for application software and not operating systems. Most of the vulnerabilities were also intended to be exploited through a website. Mac users also take notice since Office 2004 for the Mac is also vulnerable [...] Read more »