patch

Microsoft issued four security bulletins on Tuesday to fix five holes in Windows and Office, including a critical vulnerability in a Windows Help and Support Center feature that has been targeted by attacks.

The vulnerability in the online help feature, which is delivered with supported editions of Windows XP and Windows Server 2003, could allow an attacker to take control of a computer by luring a computer user to a malicious Web site. The bulletin has a severity rating of "critical" for Windows XP and "low" for Windows Server 2003, according to the advisory.

Microsoft and others criticized … Read more

Microsoft said on Thursday that it expects to issue four security bulletins as part of next week's Patch Tuesday, closing critical holes in both Windows and Office.

The four bulletins cover a total of five vulnerabilities, including a Windows Help Center flaw that had been disclosed publicly by a Google researcher.

Of the two Windows-related bulletins, one is rated critical for Windows XP and low for Windows Server 2003, while the other affects only the 64-bit version of Windows 7.

On the Office front, one bulletin is related to the Access database and is rated critical for the 2003 … Read more

The latest changes to the MapQuest site are designed for travelers who believe a trip is as much about the journey as it is about the destination.

The mapping and direction service launched a host of new options on Tuesday that the company hopes will make its site more intutive and help people plan and discover new places as they travel the roads.

To start the journey, MapQuest has simplified its search box for locating directions and maps. The new, more user-friendly interface resembles the ones you'll find at Bing Maps and Google Maps--probably not a coincidence. Type your … Read more

Microsoft issued three critical security bulletins on Tuesday, plugging 10 holes that could allow an attacker to remotely take control of a Windows computer via a malicious media file or streaming content, or malicious Web content viewed through Internet Explorer.

Overall, this Patch Tuesday release involves 10 bulletins fixing 34 vulnerabilities affecting all supported versions of Windows, Office XP, Office 2003 and 2007 Microsoft Office System, Office 2004 and 2008 for Mac, Excel Viewer, and Sharepoint Services 3.0.

"This is the largest Microsoft patch release of 2010 and ties the record for the most vulnerabilities ever addressed in … Read more

Microsoft will on Tuesday issue 10 bulletins fixing 34 vulnerabilities affecting Windows, Office, and Internet Explorer.

Six of the bulletins affect Windows, with two of those rated critical by Microsoft. Two bulletins target Office, one targets both Windows and Office, and one critical bulletin affects Internet Explorer, according to a Microsoft Security Response Center blog post on Thursday.

Microsoft also said that with the June bulletins it will be closing Security Advisory 983438, which involves a vulnerability in SharePoint Services 3.0 and SharePoint Server 2007 that was disclosed in late April and which could lead to a cross-site scripting … Read more

Microsoft has launched a pilot program for governments and critical infrastructure providers to gain access to in-depth technical information about operating system patches before they are released on the second Tuesday of each month.

Senior security program manager lead at the Microsoft Security Response Center, Steve Adegbite, this week launched the Defensive Information Sharing Program (DISP) and the Critical Infrastructure Protection Program (CIPP) at the AusCERT 2010 security conference in Queensland.

Microsoft currently provides security vendors such as Kaspersky, McAfee and Symantec with some of this information, but not all of it. Finer details of a vulnerability don't normally … Read more

Microsoft issued two critical bulletins on Tuesday fixing holes in its e-mail programs and the Visual Basic for Applications programming language implementation built into Office.

Bulletin MS10-030 resolves a vulnerability affecting Outlook Express, Windows Mail, and Windows Live Mail that an attacker could exploit by compromising a mail server, hosting a malicious mail server, or performing a man-in-the-middle attack to intercept communications between the client and the server.

Bulletin MS10-031 fixes a hole in Microsoft Visual Basic for Applications (VBA) that could allow an attacker to remotely run code if a host application opens and passes a malicious file to … Read more

Microsoft on Tuesday will issue two critical bulletins that will fix vulnerabilities in Windows and Office, which if exploited successfully, could allow a remote attacker to take control of the computer, the company said Thursday.

The bulletins, part of the company's monthly Patch Tuesday fixes, affect Windows 2000, XP, Vista, Windows 7, Server 2003 and Server 2008, Office XP, Office 2003, 2007 Microsoft Office System, and Microsoft Visual Basic for Applications and Visual Basic for Applications software development kit. Windows 7 and Server 2008 R2 customers are not vulnerable in their default configurations, however, the company said in a … Read more

A critical vulnerability affecting Microsoft Windows 2000 Server running Windows Media Services will remain unfixed until Microsoft re-releases a patch for it, the company said on Friday.

A patch for the hole, which could allow an attacker to take control of a system, was released during Patch Tuesday last week. However, Microsoft pulled the patch this week because it failed to work.

"Shortly after we released the update we received several reports that it did not protect against the vulnerability reported to us. At that time, we pulled the update and notified customers," Jerry Bryant, group manager of … Read more