News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About
The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot your password?

Microsoft Fixes Zero-Day Bug in July Patch Tuesday

2012-07-11 08:06 by
Tags: Microsoft, Patch Tuesday

 

Microsoft released patches for 16 security vulnerabilities yesterday, including a bug affecting Microsoft XML Core Services that is being exploited in the wild. Three of the nine bulletins are rated "critical."

The zero-day vulnerability in Microsoft Core XML MS12-043 disclosed in early June was actively being exploited in the wild. The latest security update only fixed the heap overflow issue in MSXML versions 3, 4, and 6. Organizations running version 5, which corresponds to Office 2003 and 2007, should make sure to apply the interim FixIt measures until a future update is available. The other two critical vulnerabilities have not yet been exploited, but Microsoft predicted reliable exploit code may be available within 30 days.

The update also included a critical patch for Internet Explorer 9, the latest version of Microsoft's popular browser. The IE9 bulletin, MS12-044, swats two security bugs that can be exploited to remotely execute code.

"Apply this patch as quickly as possible if you run IE9. The exploitability index is 1, meaning that Microsoft believes that it is easy for attackers to reverse-engineer the patch and develop an exploit," blogged Wolfgang Kandek, chief technology officer of Qualys.

"What makes MS12-044 more interesting is that it's the product of an accelerated update cycle that Microsoft has been working on. In the past, Internet Explorer was updated only every two months—that was how long it took to get through all the compatibility testing required for a stable release. Now, Microsoft has streamlined this process to reduce the time needed by 50 percent."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
comment discuss top

exec. time: 0.00699 s
Copyright © 1998-2014 Speed Guide, Inc. All rights reserved.
Terms of Use | Privacy Policy