MS Patch Tuesday: Critical IE, Office, Excel patches coming

MS Patch Tuesday: Critical IE, Office, Excel patches coming

Summary: Next Tuesday (August 12th), Microsoft will ship 12 security bulletins with fixes for serious vulnerabilities in a wide range of of widely deployed products.Seven of the 12 bulletins will be rated "critical," Microsoft's highest severity rating.

SHARE:

Critical IE, Office, Excel patches comingNext Tuesday (August 12th), Microsoft will ship 12 security bulletins with fixes for serious vulnerabilities in a wide range of of widely deployed products.

Seven of the 12 bulletins will be rated "critical," Microsoft's highest severity rating.

The critical bulletins will cover remotely exploitable flaws in Internet Explorer, Windows Media Player, MS Excel, MS PowerPoint, MS Access, MS Office and the Windows operating system.

The other five will carry an "important" rating and will include patches for bugs in Windows, Outlook Express, Windows Mail, Windows Messenger and Microsoft Word.

Windows Vista and Windows Server 2008 are affected by five of the bulletins.

It is very likely that the critical MS Access fix is for a known -- and under attack -- ActiveX control vulnerability in the Snapshot Viewer for Microsoft Access.

A pre-patch advisory is already available to warn about the MS Access attacks:

An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

The ActiveX control for the Snapshot Viewer for Microsoft Access enables you to view an Access report snapshot without having the standard or run-time versions of Microsoft Office Access. The vulnerability only affects the ActiveX control for the Snapshot Viewer for Microsoft Office Access 2000, Microsoft Office Access 2002, and Microsoft Office Access 2003.

The ActiveX control is shipped with all supported versions of Microsoft Office Access except for Microsoft Office Access 2007. The ActiveX control is also shipped with the standalone Snapshot Viewer.

Topics: Browser, Collaboration, Microsoft, Operating Systems, Security, Software, Software Development, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

26 comments
Log in or register to join the discussion
  • update to MSupdate ..

    any news on when the update to ms-update is being released
    bksgs1
    • Patch Tuesday...

      ... same as always. (2nd Tuesday of every month)
      MeezerW
  • I have to vent about vista

    I couldn;t understand why everyone hated it, I hadn;t used it and bought it. It seemd great, less laggy and more stable than xp. Than i tried 4 vpn services and none will connect. And some downloads show in download window while others don't and windows firewall turns on automatically when i turn off zone to check the vpn. It just doesn;t act rationally. I even got the vpn to connect and then it stopped connecting yet nothing changed. And unlike xp you can't go on google to find a simple fix because THERE IS NONE. I can't do what i want with my pc because i have vista. It also wouldn;t work with a third party chat.
    pepelapew@...
    • If you have to vent...

      ...then it may be time to think about Linux.
      VPNs, chat, and IRC _work_, and are usually available built-in, as part of the distribution you get (there are lots of choices; fwiw, I find Mandriva <http://www.mandriva.com/>
      very friendly and complete out-of-the-box).
      cjcoats
      • Or just stick with XP

        I installed Ubuntu as a VMWare Workstation 6 guest under XP. Install was easy. Fonts looked like cr@p. Had to do some research, open a terminal session, enter some arcane commands to install new fonts, to include MS fonts. Fonts still looked like cr@p. Learned I should probably install VMWare tools. Had to do more research. Unpack some files to /tmp/. Issue more arcane commands to download and install some prerequiste stuff. Issue more arcane commands to get the VMWare tools to install. Got well into install and got some obscure error message at which point everything stopped. Yeah, 90 minutes spent trying and failing to install VMWare tools. Let me tell you how the VMWare Tools install went running XP or Vista in a VM: double-click setup.exe and followed the prompts. Vista, as much as I hate it so far, at least made this much easy.

        My point is that there's no need to switch to Vista OR Linux if you can stay with XP. But, when eventually forced to switch (buying a new PC), I still cannot see how the barely Windows-literate people will EVER handle Ubuntu. As soon as you ask these folks to open a terminal window and type things like "sudo", forget it.... Now, considering a Mac, I can easily understand.
        bmgoodman
        • Or, try openSUSE 11 ...

          ... and do everything within YaST. Once you have launched it, and put in the root password to make system changes, everything is pretty easy with the YaST GUI.

          Hint: in some instances, Ubuntu isn't ready for the enterprise any more than Vista is. Just as you need to continue to use a true, enterprise-ready Windows OS like XP, you should continue to use an enterprise-ready Linux distro like openSUSE, SUSE Linux Enterprise, Redhat or CentOS.
          OButterball
          • open suse 11 is more than any windblows program

            even buntu has it beat. buntu you can use virtual box and have windows programs accesable. open suse on the other hand is the ultimate of all programs out there...the inside scoop...an un named builder of windows 7 said that open suse 11 is better and a lot more than what we are building.. he has open suse 11 at home... so that tells me that the windows 7 is just another pretty joke like winblows vista... up to the users to help pick the builders bugs out of the operating program through their updates and complaints...
            dogrun7@...
          • Rather misleading....

            RedHat and CentOS are great servers. But I run CentOS on a box at home and I don't think I'd pick it as my daily desktop just yet. Its configuration options are really no different than Ubuntu. I left Fedora because Ubuntu tended to "just work" better than Fedora and had better community support. I'm thinking about trying Fedora again however as it has a more power user/developer feel to it out of the box. Ubuntu feels more like a general use install.

            Now as for OpenSUSE. I finally got around to installing it on a VM to try to check out the hype. And so far I'm just not seeing it with Yast...at least not to the extent that people make it out to be. The OpenSUSE install as a whole just hasn't struck me as being as intuitive as my first go arounds with Fedora and Ubuntu. I'm trying to see if its just KDE or is it really OpenSUSE.
            storm14k
        • Why open a command line...

          The first thing you did on the command line...install MS fonts...could have been done in the Add/Remove software tool. Its funny how people skip the GUI's that the claim to love so much and run to the command line only to complain.

          My suggestion to the poster. Go ahead and load up Ubuntu. You'll get the benefit of new OS features instead of waiting around on an OS that is scheduled to die. And if you want to use a VM for non server use go with VirtualBox. You can install it right from your Add/Remove GUI or from the Sun website and have your guests up and running in minutes.

          Ignore the "scary command line" buffoonery. These people boot up...open a browser...do searches and start trying stuff right off the bat when just a few clicks in the three menus up at the top of your Gnome install often get you what you want with no command line. Why they take the long route I don't know.
          storm14k
    • Vista doesn't deliver to me either!

      Funny.. I installed Vista "out of the box" on a rather outlandish configuration and had no problems with VPN, chat or anything.

      I guess I must be doing something wrong then...

      Darn, and I just like a good gripe!
      Snarfiorix
      • Can't gripe either

        Geez. I have no problem with my VPNs either with Vista. I've got a couple of minor issues dealing with portable devices and Visual Studio 2005, but I have easy-enough workarounds for that.

        I guess I just need to gripe about not having enough to gripe about.
        slaskoske
      • Same for me

        No problems whatsoever. The only VPN issue I have is Cisco can't be bothered to make a 64-bit client...
        CreepinJesus
      • So, what OTHER programs are you running ...

        ... "out of the box"?

        If it's just Solitaire, well, yeah, I guess you won't have any problems running in the enterprise!
        OButterball
  • RE: MS Patch Tuesday: Critical IE, Office, Excel patches coming

    Yep. Stay on XP.

    Additionally, if there are not smooth roads leading out of your town, you should never leave it. Why would you want to explore, self-educate and make informed decisions. Keep being fed and remember what happens to most domesticated live stock for its end of this "free food" bargain.

    Wake up from your winDOZE.
    tomstoner@...
  • RE: MS Patch Tuesday: Critical IE, Office, Excel patches coming

    Ha! That's if you can get the damned OS to install. After about 1.5 months, I'm still waiting for a satisfactory solution on how to install it openSUSE 11!And don't tell me to go to the "boards" as I've been everyplace so-called "experts congregate on-line. No one can give a clear, intelligible, coherent , cohesive answer!
    As far as the MS security holes are concerned, "yawn" just some more of the "garbage-in garbage-out" crap ware from Redmond. You knew something like this was going to come sooner than later.
    Sirgwain
  • RE: MS Patch Tuesday: Critical IE, Office, Excel patches coming

    And the Linux critics talk about how distros are in "permanent beta!" What do you call this???

    I have Ubuntu dual booting at home and (thanks to Wubi) on my Windows machines at work w/o the partitioning effort. I find I am using Ubuntu for more and more daily tasks.

    Vista is there when -and if- I need it.
    psion@...
  • Yaaawwwwnnnnnn

    Who actually cares? Funny thing, the other OS 'scoffers' who think they are so special and smug, swoop in for the digs and hoot fest. Little do THEY know if their precious no-name OS goes main stream, all hell will break loose, and it will be ripped to shreads. Already happening with pOSX. <a href="http://www.screencast.com/t/6d98AKoUJ">SecurityUpdate</a>
    Crestview
  • RE: MS Patch Tuesday: Critical IE, Office, Excel patches coming

    Holding off on "critical" updates is like Steve Ballmer needing an ambulance on Wednesday and the 911 operator stating that ambulances only run on Tuesday.

    Both policies are pretty dumb
    ebhb2004@...
    • That's just plain stupid of M$ as usual...

      Why wait until Tuesday to issue them? If they're THAT critical, they need to be released NOW.
      hasta la Vista, bah-bie
  • RE: MS Patch Tuesday: Critical IE, Office, Excel patches coming

    I'm not griping just to hate vista it;s just frustratingggg
    owen35ny