Microsoft Patch Day: 7 Bulletins, 19 Flaws

May 9, 2007 by Kiltak |

Yep, it’s that time of the month again. The folks at Microsoft have just released seven new security bulletins as part of their monthly patch cycle. They have also updated their Malicious Software Removal Tool.

Here are the details:

-MS07-023: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233) - Max Severity: Critical

-MS07-024: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232) - Max Severity: Critical

-MS07-025: Vulnerability in Microsoft Office Could Allow Remote Code Execution (934873) - Max Severity: Critical

-MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832) - Max Severity: Critical

-MS07-027: Cumulative Security Update for Internet Explorer (931768) - Max Severity: Critical

-MS07-028: Vulnerability in CAPICOM Could Allow Remote Code Execution
(931906) - Max Severity: Critical

-MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) - Max Severity: Critical

Happy patching everyone!

You Might Also Like:

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • bodytext
  • StumbleUpon
  • Fark
  • Reddit
  • Technorati
  • Mixx
  • Pownce
  • Slashdot
  • TwitThis

Posted in Microsoft, Security, Software | | Random Post

Did you enjoy this post? If so, subscribe to the geeksaresexy RSS feed.

RSS feed | Trackback URI

5 Comments »

Comment by Bucky
2007-05-09 13:33:01
Oh joy!

Nothing I like better than updating my OS and Office apps.

Reply to this comment
 
Comment by Mackenzie
2007-05-09 14:53:38
And do they require a reboot? Probably. Any good reason for that? Not really… Will it stop some people from updating immediately and make them put it off for a while…maybe months? Yes.

I’m one of those people who updated once every 6 months because the reboot was annoying. Now I can update daily (if I’m unstable) or once or twice a week, but almost never reboot (unless it’s a kernel update, which is once every 3 or 4 months if you’re stable). I like it this way.

Reply to this comment
Comment by Kiltak
2007-05-09 16:48:04
Some of them do, but Microsoft has really been working hard on doing patches that do not require reboots. Unfortunately, they’re not there yet.. only 10% of them fall in this category, and about 80% MAY require a reboot… may! duh! :)
Reply to this comment
Comment by Mackenzie
2007-05-14 08:28:49
Uh…doesn’t help much. I mean, if you are still guaranteed to need a reboot on *every* Patch Tuesday, well…I’m still likely not to do the updates. If they could find a way to make it so that every other month was a “reboot now” Path Tuesday and the in between ones would have only no-reboot-required patches or something…I’d at least be persuaded to patch the Windows systems a bit more. It just seems ridiculous that so many monthly patches are somehow low-level enough to require a reboot. I don’t even know that they’re low-level though. It could just be a function of the way Windows operates. I know with Linux, if a driver crashes (such as my sky2 driver for my Marvell NIC which crashes on high throughput), I can unload and reload the modules, but on Windows it would blue screen.

Maybe the modularity of Linux is why I can have updates to the entire system (because instead of consciously checking for OOo or Firefox or Banshee or Sunbird or GRAMPS or whatever updates, they just come through with regular automatic updates) and not need to reboot; it just reloads the updated parts and keeps chugging. Windows isn’t modular, so it could be that it’s nearly impossible for Windows to just reload one chunk of itself to activate the update. If that’s the problem, maybe it should be made more modular so that it can handle things like low-level crashes (one part breaks, the rest just sort of amputates it and keeps going until it can be reattached instead of getting gangrene and dying) and activating updates on smaller parts of the system. Heck, with most large configuration changes on Linux, you just restart the graphical part of the OS (ctrl +alt+backspace or log out/in) which is much faster (for me, about 35 seconds faster…meaning it’s around 7-10 seconds) than rebooting. For driver modules, it’s “sudo modprobe -r $drivername” then “sudo modprobe $drivername” (-r is for “remove” but “rmmod” can replace “modprobe -r” as well) if you want to remove the out-of-date driver from memory and load the newly-installed one. It’s faster when setting up than waiting for Windows to reboot when installing drivers too.

(Comments wont nest below this level)
Reply here
 
 
 
Comment by Joshua Dorkin
2007-05-13 06:06:04
This is exactly why I switched to Mac!
Reply to this comment
 
Name (required)
E-mail (required - never shown publicly)
URI
Subscribe to comments via email
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

| [GAS] Privacy Policy |