Patch

Blogs were buzzing this week with reports that Windows users who thought they had automatic updates set to either not install or get permission before installing nonetheless had their machines patched and rebooted.

Friday afternoon, the company posted a response to its Web site saying no changes were made to the automatic update mechanism nor did any recent updates change AU settings. The company is looking into whether customers might have actually had their settings changed by Microsoft Office or Windows OneCare, two programs that do have mechanisms that will change a computer's automatic update preference settings.

"We … Read more

Microsoft today released its October 2007 security bulletin, which includes six updates: four are designated as Critical by the software giant; two are deemed Important, and one previously announced patch was dropped. On the Windows side there is a cumulative update for Internet Explorer, a patch for Outlook/Windows Mail, and one for an RPC vulnerability. On the Microsoft Office side, there is a patch for SharePoint Server and one critical patch for Microsoft Office Word, including Microsoft Office 2004 for Mac. And one patch for the Kodak Image Viewer. All Microsoft security patches for Windows and Office software are … Read more

As part of this month's Patch Tuesday, coming next week, Microsoft plans to release seven patches, four rated "critical" and three "important." Affected software includes Windows (Windows 2000, XP, and Vista), Office (Word and SharePoint Server), Internet Explorer, Outlook Express and Windows Mail. One patch affects Microsoft Office 2004 for the Mac.

Microsoft on Tuesday released its September 2007 security bulletin, which includes four updates: One is designated as "critical" by the software giant; three are deemed "important," and one previously announced patch was dropped. Microsoft decided at the last minute not to patch Sharepoint Server in this month's release. The most serious patch affects Microsoft Agent in Windows 2000. Of the important patches, one affects Windows Services for UNIX, one affects Visual Studio and one affects both MSN Messenger and Windows Live Messenger.

All Microsoft security patches for Windows and Office software are available via Microsoft Update … Read more

Got Yahoo Messenger? Hit refresh.

Yahoo on Thursday issued a patch for a highly critical security flaw, just a week after it issued another Yahoo IM security update.

In this latest case, a security flaw was discovered in the ActiveX control, which is part of the Yahoo services suite that is typically downloaded with the Yahoo Messenger installer. The vulnerability could be exploited if a user visits a malicious Web site, which in turn could lead to a buffer overflow attack and launch of arbitrary executable code.

Not a good thing.

Yahoo is calling on users to update to version 8.1.0.419. … Read more

Last week, the Skype VoIP service went down for two days, affecting customers worldwide. On Monday, Villu Arak, writing on the Skype blog Heartbeat, attributed the outage to "a previously unseen software bug within the network resource allocation algorithm which prevented the self-healing function from working quickly."

But the root cause? "The disruption," he said, "was triggered by a massive restart of our users' computers across the globe within a very short time frame as they rebooted after receiving a routine set of patches through Windows Update." Tuesday Microsoft pushed out nine patches, six … Read more

Microsoft today released its August 2007 security bulletin, which includes nine updates: Six are designated as "critical" by the software giant and three are deemed "important." Two patches affect Microsoft products on the Mac, and one affects Windows Vista. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS07-042: CriticalTitled "Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)" this bulletin affects users of Microsoft XML Core Services in Windows 2000, Windows Server 2003, and Windows Vista; it also affects Microsoft Office 2003, Office 2007 and Microsoft Office SharePoint Server; and it addresses the vulnerability detailed in CVE-2007-2223. Successful exploitation could lead to remote code execution.… Read more

Microsoft today released its August 2007 security bulletin, which includes nine updates: Six are designated as "critical" by the software giant and three are deemed "important." Two patches affect Microsoft products on the Mac, and one affects Windows Vista. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS07-042: CriticalTitled "Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)" this bulletin affects users of Microsoft XML Core Services in Windows 2000, Windows Server 2003, and Windows Vista; it … Read more

In a preview of what's to be expected Tuesday, Microsoft said the August Patch Tuesday will include nine patches, six of which it will rate as "critical." The remaining three are considered "important."

The patches will cover the Windows OS, the Microsoft Office suite, Internet Explorer, Windows Media Player and Windows Virtual PC. Of the six critical patches, one is shared between Windows and Microsoft Office.

It is expected that one or both recent hot fixes to Windows Vista released last week will also be included on Tuesday.