Microsoft updates two critical security patches

Martin Brinkmann
Apr 24, 2008
Updated • Apr 12, 2012
Security, Windows
|
5

It feels like I'm updating my computer every day in the last weeks. Microsoft issued yet another two security patches for Internet Explorer and the .net framework that can be downloaded from Microsoft Security Bulletin MS07-040 - Critical and Microsoft Security Bulletin MS08-024 - Critical. Both security patches are updated to patches that had been released before, one of them just a few weeks ago.

The Cumulative Security Update for Internet Explorer patches Internet Explorer 6 and newer versions of Internet Explorer. If the user visits a specially prepared website an attacker can gain the same rights on the Windows system as the user who is currently logged into the system. While this does not affect other browsers and to a lesser extent users who do not use administrative accounts it is still recommended to update the software immediately.

The Vulnerabilities in .NET Framework Could Allow Remote Code Execution patch fixes three security vulnerabilities. Two of them allow remote code execution and one information disclosure. It is again advised to update the system immediately to fix those security holes.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Transcontinental said on April 24, 2008 at 3:48 pm
    Reply

    OK, Martin, thanks. The point is, up to now, I’ve always relied on Microsoft Update (its Patch Tuesday) for all system updates. It seems some updates could not appear in the scan, which is a source of worry. I’ve even read that XP SP3 – mainly a sum of updates since SP1 – would include updates “missed” by all previous updating from MS Update…

    I admit at this point a certain confusion, and Microsoft always seems to be very little inclined to propose information to non-techies.

  2. Martin said on April 24, 2008 at 3:38 pm
    Reply

    Transcontinental I usually click on Component in the table which should lead to the download. A check however revealed the old files, or at least the old release dates of the files on the Microsoft homepage. I’m not sure if Microsoft has not yet update it or if they forgot to update the release date. Not sure what’s going on though.

    I did check Windows Updates as well and the patches were not found either.

  3. headlites said on April 24, 2008 at 3:31 pm
    Reply

    I too scanned with microsoft update and discovered that they aren’t on there. Please advise.

  4. Behnam said on April 24, 2008 at 3:24 pm
    Reply

    Hi
    i need your former project proxyrama source code can you send it’s download link or guide me to find it .I’ll wait for you.
    Thanks

  5. Transcontinental said on April 24, 2008 at 3:18 pm
    Reply

    There is something I don’t understand about these security patches.

    – If I go to Microsoft Update, the scan tells me no updates are required on my system. Is this relevant? If no :
    – If I go to the MS07-040 and the MS07-024 pages provided by your (Martin’s) links here above, how do I download the patches? I just don’t understand.

    Whatever, thanks for your advice regarding my lack of knowledge.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.