Microsoft fixes critical holes in Windows, Word, Publisher

By on May 13, 2008, 3:44 PM
Microsoft today released a set of patches as part of their monthly security update to plug critical holes in Microsoft Word, Publisher, and a critical vulnerability in Windows for which a Zero-day exploit has been available for weeks.

The critical Windows vulnerability was discovered in the Microsoft Jet Database Engine 4.0 and could be exploited through a Word document or an email. By convincing a user to click on a link in an email message to navigate to a malicious website that contains a specially crafted Word file, the flaw allowed an attacker to gain the same user rights as the local user.

Microsoft also remedied an issue rated as moderate that would allow an attacker to shut down and restart the Microsoft Malware Protection Engine used in the company’s security products including Windows Live OneCare and Windows Defender. Full details for the latest Patch Tuesday can be found here.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.