Microsoft updates two critical security patches

Posted by Martin in Operating Systems, Security, Windows  Tags: , , , , , ,

24

Apr



It feels like I’m updating my computer every day in the last weeks. Microsoft issued yet another two security patches for Internet Explorer and the .net framework that can be downloaded from Microsoft Security Bulletin MS07-040 - Critical and Microsoft Security Bulletin MS08-024 - Critical. Both security patches are updated to patches that had been released before, one of them just a few weeks ago.

The Cumulative Security Update for Internet Explorer patches Internet Explorer 6 and newer versions of Internet Explorer. If the user visits a specially prepared website an attacker can gain the same rights on the Windows system as the user who is currently logged into the system. While this does not affect other browsers and to a lesser extent users who do not use administrative accounts it is still recommended to update the software immediately.

The Vulnerabilities in .NET Framework Could Allow Remote Code Execution patch fixes three security vulnerabilities. Two of them allow remote code execution and one information disclosure. It is again advised to update the system immediately to fix those security holes.


Like such posts? Get updates via RSS NEWS FEED. Love Ghacks? Find out how you can help!

5 Users Commented In This Post

Subscribe To This Post Comment Rss Or TrackBack URL
Transcontinental says:

There is something I don’t understand about these security patches.

- If I go to Microsoft Update, the scan tells me no updates are required on my system. Is this relevant? If no :
- If I go to the MS07-040 and the MS07-024 pages provided by your (Martin’s) links here above, how do I download the patches? I just don’t understand.

Whatever, thanks for your advice regarding my lack of knowledge.

Behnam says:

Hi
i need your former project proxyrama source code can you send it’s download link or guide me to find it .I’ll wait for you.
Thanks

headlites says:

I too scanned with microsoft update and discovered that they aren’t on there. Please advise.

Martin says:

Transcontinental I usually click on Component in the table which should lead to the download. A check however revealed the old files, or at least the old release dates of the files on the Microsoft homepage. I’m not sure if Microsoft has not yet update it or if they forgot to update the release date. Not sure what’s going on though.

I did check Windows Updates as well and the patches were not found either.

Transcontinental says:

OK, Martin, thanks. The point is, up to now, I’ve always relied on Microsoft Update (its Patch Tuesday) for all system updates. It seems some updates could not appear in the scan, which is a source of worry. I’ve even read that XP SP3 - mainly a sum of updates since SP1 - would include updates “missed” by all previous updating from MS Update…

I admit at this point a certain confusion, and Microsoft always seems to be very little inclined to propose information to non-techies.

Leave Your Comments Below
Hello, please leave your thought below

Please Note: Each comment will be manually approved by an admin. There is no guarantee that a comment will be posted. Please do not submit the comment multiple times.