'Critical' Patches this Patch Tuesday!
Techtree News Staff
May 09 2007
Microsoft has released 7 security patches for the month of May that prominently include fixes for the DNS Server, Office, Internet Explorer, Exchange, and CAPICOM/BizTalk.
All 7 security patches are rated 'critical,' and fix a total of 19 bugs.
However, out of the 7, security experts say IT administrators need concentrate the most on MS07-026 and MS07-029 that fix flaws in Exchange and DNS (Domain Name System) server.
The DNS vulnerability, which is present in Windows 2000 Server and Windows Server 2003, is most critical, and is about a month old. There have been instances reported in the past weeks, wherein hackers have attempted to exploit this vulnerability and take control of the system.
The Office fix plugs the vulnerability in various versions of Office, including 2000, 2007, XP, and 2004 for Mac. This is the most widespread vulnerability, wherein a maliciously crafted drawing object activates arbitrary code.
The
Internet Explorer fix patches about 5 vulnerabilities in IE versions 5, 6, and 7, including Itanium and x64.The Exchange update fixes previously undisclosed flaws in Microsoft's messaging software that could be exploited to seize control over a server.
The CAPICOM (Cryptographic API Component Object Model) update is relevant to BizTalk Server 2004, but not to 2000, 2002, or 2006.
Meanwhile, Microsoft has advised customers to install these updates immediately. Users can install free updates through the Microsoft update Web site, or through automatic updates.
http://www.techtree.com/India/News/Critical_Patches_this_Patch_Tuesday/551-80988-582.html
