The February security update from Microsoft addresses a dozen issues, including six that Microsoft rates as 'Critical'. The vulnerabilities fixed are present in Microsoft Windows, Microsoft Antivirus, Microsoft Office (including Microsoft Office 2004 for Mac), Microsoft Internet Explorer and Microsoft Visual Studio. Microsoft Windows users should download the updates via the Windows Update website.

Technorati Tags: ie, microsoft office, microsoft windows, software update, vulnerabilities

Second Tuesday of the month is patch day for Microsoft, and today they have released details regarding a slew of highly critical vulnerabilities present in the Excel portion of Microsoft Office 2000, Office XP, Office 2003, Works Suite 2004 & 2005, Office 2004 for Mac, Office v.X for Mac. Addressed with a software update released today were five critical issues in Excel: the Excel Malformed IMDATA Record Vulnerability, Excel Malformed Record Vulnerability, Excel Malformed String Vulnerability, Excel Malformed Column Record Vulnerability, and the Excel Malformed Palette Record Vulnerability.

In addition to the Excel issues, also addressed today were highly critical issues in Microsoft Outlook, Microsoft Windows, and Internet Explorer. Windows users may obtain the update directly from Microsoft. Microsoft Office users, including Mac users, should visit the Microsoft Office website. Specifically, updates for Microsoft Office v.X for Mac and Microsoft Office 2004 for Mac are also available.

Technorati Tags: excel, microsoft, microsoft office, microsoft windows, software update, vulnerabilities

December's security update from Microsoft is significant, and patches a number of critical and important vulnerabilities discovered in Windows, Visual Studio, Internet Explorer, Outlook Express and Windows Media Player. If you're using a Windows system, download the latest updates from Microsoft. Microsoft updates are released the second Tuesday of each month.

Technorati Tags: microsoft windows, software update, vulnerability

The October Security Bulletin from Microsoft describes the latest software update, and contains a multitude of fixes across the product line, including patches for vulnerabilities in Microsoft Office and Microsoft Windows; six of these vulnerabilities have been labeled by Microsoft as 'Critical'.

Since many of the vulnerabilities can result in malicious individuals gaining system access, installing the update as soon as possible is highly recommended for all users of Microsoft Office and Microsoft Windows products.

Technorati Tags: microsoft, microsoft windows, microsoft office, software update, vulnerability

For the second month in a row, Microsoft has released an out-of-cycle update for a major vulnerability. The company has issued a software update for Internet Explorer 5.01 and Internet Explorer 6, addressing the highly critical vulnerability discovered earlier this month, and that is being actively exploited by malicious, untrusted websites. Microsoft Security Bulletin MS06-055 describes the issue as a vulnerability in the Vector Markup Language. The update for IE is now available for these versions of Microsoft Windows:

Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Technorati Tags: internet explorer, microsoft windows, software update, vulnerability

Security organization Secunia has put the "extremely critical" stamp on the latest Internet Explorer 6.x vulnerability. The vulnerability has been confirmed in fully patched versions of the software, and exploits that take advantage of the issue are circulating "in the wild". The issue may not be patched before next month's regular update from Microsoft - always on the second Tuesday of each month. Due to the serious nature of this vulnerability, it is possible that Microsoft will release a rare out-of-cycle patch to address the problem. Until then, the mitigation technique is to disable Active Scripting within Internet Explorer 6.x, and do not visit untrusted websites.

UPDATE 9/21: This vulnerability is being actively and aggressively exploited by malicious websites. Until this issue is addressed, do not visit untrusted websites. Do not click on untrusted links (i.e. links from emails, instant messages, etc.), or, if you must visit untrusted sites, use a different browser...

How about giving Firefox a try?

Technorati Tags: internet explorer, microsoft, security, vulnerability

Microsoft's September security update contains but three updates for their products, affecting Microsoft Publisher (2000, 2002 & 2003), Windows Server 2003, Windows XP and Windows 2000. Microsoft Publisher had the most serious vulnerability patched this month, rating a critical ranking from Microsoft. Updates for the aforementioned products can be downloaded from the Microsofts Update site (IE required, of course!).

Technorati Tags: microsoft windows, security, software update, vulnerability

Apple has updated QuickTime with the availability of QuickTime 7.1.3 - the latest version includes a security update that addresses six critical vulnerabilities in software package, and is available for Mac OS X 10.3/10.4 and Microsoft Windows XP/2000. Since many of the vulnerabilities fixed with this update have the potential of becoming remotely exploitable, it is recommended that all users of QuickTime update their software to protect themselves from future malware that may take advantage of these issues.

Technorati Tags: apple, mac os x, microsoft windows, quicktime, software update, vulnerability

The second Tuesday of the month has come and gone again, and Microsoft's August security update is a significant one, addressing at least 9 highly critical vulnerabilities in Windows, Internet Explorer, Outlook Express and Microsoft Office.

Due to the serious security issues addressed with this update, Microsoft urges all users of the aforementioned products to install these security updates as soon as possible. Securing your network, and applying all recommended security patches are the best way to keep your Windows PC free of malware.

UPDATE: The Department Of Homeland Security has asked Windows users to install this month's security update from Microsoft, due to the potential for exploitation.

Technorati Tags: microsoft, microsoft office, microsoft windows, software update, vulnerability

A highly critical vulnerability was disclosed today by security organization Secunia. According to the advisory, the vulnerability is present in numerous versions of Microsoft PowerPoint, including Microsoft Office 2000, all versions of Microsoft Office 2003 (along with the Microsoft Office PowerPoint 2003 Viewer), Microsoft Office XP, as well as PowerPoint 2000, PowerPoint 2002, and PowerPoint 2003. The vulnerability can be exploited to corrupt memory, and "[s]uccessful exploitation crashes the application and arbitrary code execution may potentially also be possible, but has not currently been proven." Until Microsoft releases a patch, users of PowerPoint are advised to not open untrusted Office documents.

The Mac OS X versions of Microsoft Office do not seem to be affected.

Technorati Tags: microsoft office, vulnerability

The second Tuesday of the month is always patch day for Microsoft products. This month, Microsoft has released updates addressing a number of highly critical vulnerabilities in Microsoft Windows, Office and Excel products. It is safe to say that if you use any of these products, a visit today to Microsoft's update page would be an important step in keeping your system up-to-date, and reduce the likelihood of experiencing malware targeted at these vulnerabilities.

Technorati Tags: microsoft, microsoft windows, microsoft office, software update

As part of their usual second-Tuesday-of-the-month software update, Microsoft today released a major security update, that addresses a number of highly critical vulnerabilities in a variety of products, including Windows Media Player (versions 7.1, 9, 10 & XP), PowerPoint and multiple highly critical vulnerabilities in Internet Explorer.

Technorati Tags: microsoft, software updates

Being the second Tuesday of the month, one can expect a care package out of Redmond, WA. This time, Microsoft released security updates for FrontPage, Outlook Express, addressing a ton of issues in Internet Explorer 5, 5.01, & 6, as well as a number of components of Windows (Microsoft Data Access Componets & Windows Explorer).

Technorati Tags: microsoft, internet explorer, security, windows

Microsoft has rolled in last week's WMF Graphics Rendering Engine Vulnerability security update into this week's usual monthly software update. Aside from including the update for the WMF vulnerability, Microsoft patched two other highly critical vulnerabilities; one with Microsoft Windows and another with Microsoft Office and Microsoft Exchange.

The Windows Embedded Web Font Vulnerability affects all modern versions of Windows, including Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP and Windows Server 2003.

Also addressed is a vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange affecting users of Microsoft Office 2000, Microsoft Office XP and Microsoft Office 2003, as well as Microsoft Exchange Server 5.0 Service Pack 2, Microsoft Exchange Server 5.5 Service Pack 4, and Microsoft Exchange 2000 Server Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004 (whew!).

January's security update from Microsoft can be downloaded from Microsoft's Download Center.

Technorati Tags: microsoft, office, microsoft exchange, security, software updates, vulnerabilities, windows

Microsoft today released a patch addressing the previously mentioned WMF vulnerability.