compromised Web page

Microsoft Issues Largest Number of Patches Since 2003

Submitted by admin on Wed, 12/10/2008 - 15:08.

Microsoft released eight security bulletins and one security advisory on Tuesday. It scored six of the bulletins critical and two important.

December's list of 28 vulnerabilities is the largest Microsoft has addressed since it first designated the second Tuesday of each month Patch Tuesday in late 2003. All the critical issues are client-side remote-code execution vulnerabilities, meaning any attacks would require user interaction -- as little as viewing a compromised Web page.

Patch Tuesday Light, But Security Fixes Are Critical

Submitted by admin on Wed, 11/12/2008 - 13:26.

Microsoft on Tuesday patched four vulnerabilities in two security updates for Windows and Microsoft Office. Compared to recent Patch Tuesdays, November is a light month and Microsoft did some housecleaning by fixing a critical bug disclosed nearly two years ago.

MS08-069 is the most serious of the November updates, fixing three individual flaws in Microsoft XML Core Services. This vulnerability went public more than 22 months ago. The other update, MS-08-068, is rated important and fixes a flaw in the Server Message Block (SMB) protocol.