Microsoft Security Bulletin MS07-064 – Critical

Discussion in 'other security issues & news' started by ronjor, Jul 16, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,770
    Location:
    Texas
    Microsoft
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    There always seems to surface these sort of holes in Windows every so often, i can't help but think that MS went overkill with file associations (never counted them all) and so cleverly minded and well studied peeps always seem to find yet another dike that needs plugged.

    Of course, looks like under LUA this vulnerability has no teeth like many others, but with all those Admin controlled machines out there it is so easy to stick a fork in the system that it's not funny.

    Thanks for the heads-up for sure.

    EASTER
     
  3. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Do I understand it correctly that this problem has re-surfaced?
    Is there an update for this update?

    Or is one fine if the initial update was installed in December 2007?
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Frequently Asked Questions (FAQ) Related to This Security Update

    Why was this bulletin revised on July 16, 2008?
    This bulletin was revised to add DirectX 9.0a as affected software. Microsoft Update, Windows Update, the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Systems Management Server (SMS) already correctly offer KB941568 to customers that have DirectX 9.0a installed. Customers with DirectX 9.0a installed should apply the update to remain secure.

    Why was this bulletin revised on January 23, 2008?
    This bulletin was revised to add DirectX 9.0 and 9.0b as affected products. Microsoft Update, Windows Update, the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Systems Management Server (SMS) already correctly offer KB941568 to customers that have DirectX 9.0 and 9.0b installed. Customers with DirectX 9.0 and 9.0b installed should apply the update to remain secure.

    Why does this update address several reported security vulnerabilities?
    This update contains support for several vulnerabilities because the modifications that are required to address these issues are located in related files. Instead of having to install several updates that are almost the same, customers need to install this update only.

    The best way to be sure that you are always up to date with the Microsoft security updates if unsure is to run the Microsoft Baseline Security Analyzer (MBSA) which can be found here
    http://www.microsoft.com/downloads/...AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en
     
  5. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    If I'm not mistaken this update was also delivered through AU. So as long as it's installed one is covered (for this security threat), right?
     
Loading...
Thread Status:
Not open for further replies.