Microsoft February Security Updates - gHacks Tech News

Microsoft February Security Updates

Microsoft has released a cumulative security update for Internet Explorer 7 and 8 that fixes several critical vulnerabilities in the web browser. It is recommended to update Internet Explorer as soon as possible to fix those vulnerabilities. The vulnerabilities are rated critical for Internet Explorer versions running under Windows XP or Windows Vista and moderate for Windows Server 2003 and Windows Server 2008. The article is mentioning downloads for Internet Explorer 8 beta but the linked article does not contain any. This seems to suggest that Internet Explorer 8 is affected by the vulnerability as well. This probably only affects pre release candidate builds of Internet Explorer 8.

The security update fixes the following two vulnerabilities: Uninitialized Memory Corruption Vulnerability and CSS Memory Corruption Vulnerability. Since it is a cumulative update it does apply all previous security updates for Internet Explorer on the computer system.

This security update resolves two privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for Internet Explorer 7 running on supported editions of Windows XP and Windows Vista. For Internet Explorer 7 running on supported editions of Windows Server 2003 and Windows Server 2008, this security update is rated Moderate.

The easiest way to update affected systems is to use Microsoft Update which will download and apply the security updates automatically. The other possibility is to download the patch from Microsoft Download and apply it manually.

Microsoft has released three additional security bulletins:

  • Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
  • Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420)
  • Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634)

It is highly recommended to update the system as soon as possible to fix the vulnerabilities and protect it against possible exploits.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Noel said on February 11, 2009 at 9:34 am
    Reply

    Honestly, I am tired of downloading updates every week. This creates a major hassle when I reinstall the system (which is usually once a year), downloading another Gb or so updates every time.

    Just curious if there is any offline installer for all the updates release so far, except SP2 and SP3. I knew one but heard lastly that they got a notice for Microsoft and they pulled down the site. Any other alternative?

    Thanks in advance.

  2. Enigma said on February 11, 2009 at 1:03 pm
    Reply

    http://www.heise.de/ct/projekte/offlineupdate/download_uk.shtml

    Allows you to make a scripted based install for all updates, also allows you to download and backup all updates too, will download service but there is a choice not to.

  3. BillB said on February 11, 2009 at 7:07 pm
    Reply

    In addition to Heise (above), you can get an offline installer for all updates at:

    http://www.windowsupdatesdownloader.com/

  4. Enigma said on February 12, 2009 at 1:40 am
    Reply

    BillB:

    Not bad, but the advantage my suggestion has over yours is the ability to install and walk away as it will do everything for you.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.