Discussion in 'other security issues & news' started by ronjor, Jul 16, 2008.
There always seems to surface these sort of holes in Windows every so often, i can't help but think that MS went overkill with file associations (never counted them all) and so cleverly minded and well studied peeps always seem to find yet another dike that needs plugged.
Of course, looks like under LUA this vulnerability has no teeth like many others, but with all those Admin controlled machines out there it is so easy to stick a fork in the system that it's not funny.
Thanks for the heads-up for sure.
Do I understand it correctly that this problem has re-surfaced?
Is there an update for this update?
Or is one fine if the initial update was installed in December 2007?
Frequently Asked Questions (FAQ) Related to This Security Update
Why was this bulletin revised on July 16, 2008?
This bulletin was revised to add DirectX 9.0a as affected software. Microsoft Update, Windows Update, the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Systems Management Server (SMS) already correctly offer KB941568 to customers that have DirectX 9.0a installed. Customers with DirectX 9.0a installed should apply the update to remain secure.
Why was this bulletin revised on January 23, 2008?
This bulletin was revised to add DirectX 9.0 and 9.0b as affected products. Microsoft Update, Windows Update, the Microsoft Baseline Security Analyzer (MBSA), and Microsoft Systems Management Server (SMS) already correctly offer KB941568 to customers that have DirectX 9.0 and 9.0b installed. Customers with DirectX 9.0 and 9.0b installed should apply the update to remain secure.
Why does this update address several reported security vulnerabilities?
This update contains support for several vulnerabilities because the modifications that are required to address these issues are located in related files. Instead of having to install several updates that are almost the same, customers need to install this update only.
The best way to be sure that you are always up to date with the Microsoft security updates if unsure is to run the Microsoft Baseline Security Analyzer (MBSA) which can be found here
If I'm not mistaken this update was also delivered through AU. So as long as it's installed one is covered (for this security threat), right?
Separate names with a comma.