Microsoft: three critical patches coming next week

By on July 10, 2009, 12:54 PM
Microsoft plans to ship six security bulletins next Tuesday as part of its monthly patch cycle. Three of them are rated as critical and affect several Windows versions, according to the Security Advisory, while the remaining three are rated as important and bring fixes for other Microsoft products – Publisher, Internet Security and Acceleration (ISA) Server and Virtual PC and Virtual Server.

The critical patches include one for a previously-disclosed vulnerability in DirectShow, which has seen “limited attacks” in the form of specially crafted QuickTime files that could allow remote code execution. Microsoft also says it’s been working around the clock to produce an update for the “browse-and-get-owned” ActiveX flaw in time for Tuesday, but they aren't making promises at this point. The company issued a warning for the flaw earlier this week and advised customers to temporarily disable the ActiveX component in Internet Explorer.

Microsoft provided few details about the third critical update, except to say that it affected all versions of Windows. More information will be available on the Security Research and Defense blog next week.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.