Wednesday, 13 September 2006
Microsoft Patch Tuesday Fixes Three Flaws; Zero-Day Open |
| |
|
| |
Microsoft has released three patches to fix Office vulnerability as well as two Windows flaws. The critical patch (MS06-054) addresses a hole in Microsoft Publisher that 'could allow remote code execution'. The two Windows-related patches are rated important (MS06-052) and moderate (MS06-053), and address flaws with Reliable Multicast Program and indexing services, respectively. Absent from today's offerings was a patch that would fix the current zero-day Word exploit.
When Microsoft issued its monthly pre-release security patch advisory late last week, the vendor said to expect three patches, including one critical patch, and one for a flaw in Office. Many assumed that meant Microsoft would be addressing the vulnerability exploited by the MDropper.Q Trojan, a so-called 'zero-day' exploit because the malware and the underlying security vulnerability were discovered at the same time.
However, that wasn't the case, as the company has yet to fix the Word 2000 bug. Microsoft says that it is still investigating the issue.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
