Microsoft Patches More Windows Holes

Spinner

Microsoft has released four new collections of Windows fixes, three of which it has deemed critical. The company issued four new security bulletins—all of which pertain to Windows vulnerabilities. Three of the new patches the company rated "critical," and the other, "important".

Bulletin MS04-011 pertains to a remote-code-execution vulnerability in all versions of Windows ranging from NT 4.0 to Windows XP and Windows Server 2003.

Bulletin MS04-012, a cumulative update for Microsoft's remote procedure call/distributed component object model (RPC/DCOM) technologies, also applies to all versions of Windows ranging from NT 4.0 to Windows XP and Windows Server 2003.

A recent version of the Sober Worm came in e-mail messages claiming to be Microsoft security patch alerts. Click here to read more about the attack.

The third critical bulletin, Bulletin MS04-013, is a cumulative update for Outlook Express 5.5 and 6.0. As Outlook Express is part of many older versions of Windows, as well as current ones, Microsoft is recommending users of all Windows variants, starting with Windows 98, download and apply this update — even if Outlook Express is not the default e-mail reader on the system.

The fourth bulletin, labeled "important," is MS04-014, and pertains to a vulnerability in Microsoft's Jet database engine 4.0. Microsoft is recommending that users running versions of Windows from Windows 98 to the current Windows XP and Windows Server 2003 apply the patch in order to head off possible buffer-overrun problems that could allow remote code execution on users' systems.

Source: Eweek

Straight_Man

Thanks for the details, Spinner. I'll grab them, except for the OE one, that is not IN my XP install.

John D.

Shivian

Yay I start to get paranoid when no new holes are patched for a while