Microsoft released yesterday (7/8/2008) four update packets that fix nine vulnerabilities. Along with the vulnerability fixes a new version of Microsoft Windows Malicious Software Removal Tool was released too.
MS08-037 update fixes two vulnerabilities in Windows Domain Name System (DNS). Affected systems are all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003 and Windows Server 2008.
MS08-038 update fixes a vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. Affected are all supported editions of Windows Vista and Windows Server 2008.
MS08-039 update fixes two vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. This update is rated important for all supported editions of Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007.
MS08-040 update fixes four vulnerabilities in SQL Server memory handling. Update is rated important for supported releases of SQL Server 7.0, SQL Server 2000, SQL Server 2005, Microsoft Data Engine (MSDE) 1.0, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon).
More information about the updates can be read from Microsoft Security Bulletins (links above).
The easiest way to update is to use Microsoft automatic update service.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment