Microsoft updates two critical security patches - gHacks Tech News

Microsoft updates two critical security patches

It feels like I'm updating my computer every day in the last weeks. Microsoft issued yet another two security patches for Internet Explorer and the .net framework that can be downloaded from Microsoft Security Bulletin MS07-040 - Critical and Microsoft Security Bulletin MS08-024 - Critical. Both security patches are updated to patches that had been released before, one of them just a few weeks ago.

The Cumulative Security Update for Internet Explorer patches Internet Explorer 6 and newer versions of Internet Explorer. If the user visits a specially prepared website an attacker can gain the same rights on the Windows system as the user who is currently logged into the system. While this does not affect other browsers and to a lesser extent users who do not use administrative accounts it is still recommended to update the software immediately.

The Vulnerabilities in .NET Framework Could Allow Remote Code Execution patch fixes three security vulnerabilities. Two of them allow remote code execution and one information disclosure. It is again advised to update the system immediately to fix those security holes.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Transcontinental said on April 24, 2008 at 3:18 pm
      Reply

      There is something I don’t understand about these security patches.

      – If I go to Microsoft Update, the scan tells me no updates are required on my system. Is this relevant? If no :
      – If I go to the MS07-040 and the MS07-024 pages provided by your (Martin’s) links here above, how do I download the patches? I just don’t understand.

      Whatever, thanks for your advice regarding my lack of knowledge.

    2. Behnam said on April 24, 2008 at 3:24 pm
      Reply

      Hi
      i need your former project proxyrama source code can you send it’s download link or guide me to find it .I’ll wait for you.
      Thanks

    3. headlites said on April 24, 2008 at 3:31 pm
      Reply

      I too scanned with microsoft update and discovered that they aren’t on there. Please advise.

    4. Martin said on April 24, 2008 at 3:38 pm
      Reply

      Transcontinental I usually click on Component in the table which should lead to the download. A check however revealed the old files, or at least the old release dates of the files on the Microsoft homepage. I’m not sure if Microsoft has not yet update it or if they forgot to update the release date. Not sure what’s going on though.

      I did check Windows Updates as well and the patches were not found either.

    5. Transcontinental said on April 24, 2008 at 3:48 pm
      Reply

      OK, Martin, thanks. The point is, up to now, I’ve always relied on Microsoft Update (its Patch Tuesday) for all system updates. It seems some updates could not appear in the scan, which is a source of worry. I’ve even read that XP SP3 – mainly a sum of updates since SP1 – would include updates “missed” by all previous updating from MS Update…

      I admit at this point a certain confusion, and Microsoft always seems to be very little inclined to propose information to non-techies.

    Leave a Reply