MS alerts users to Windows DirectX and MS SQL vulnerability
Shorty
Manchester, UK Icrontian
Suppose we might as well "alert" everyone to yet ANOTHER set of Microsoft Vulnerabilities
1) Direct X
Microsoft yesterday warned of security flaws with DirectX's DirectShow component that might be used by an attacker to run hostile code on vulnerable Windows machines.
Redmond has issued a patch - designated as critical - which users are urged to review.
The list of affected software is extensive: Microsoft DirectX 5.2 on Windows 98; MS DirectX 6.1 on Windows 98 SE; DirectX 7.0a and DirectX 9.0a on Windows Me; DirectX and DirectX 9.0a 7.0 on Win 2000; DirectX 8.1 and DirectX 9.0a on Win XP; DirectX 8.1 and DirectX 9.0a on Win Server 2003 are all potentially vulnerable.
So too is Windows NT 4.0 with either Windows Media Player 6.4 or IE 6 SP 1 installed and Microsoft Windows NT 4.0, Terminal Server Edition with either Windows Media Player 6.4 or IE 6 SP 1 installed.
Technet
2) Security Update for Microsoft SQL Server
The following products require updating:
Microsoft SQL Server 7.0
Microsoft Data Engine 1.0 (MSDE 1.0)
Microsoft SQL Server 2000
Microsoft Desktop Engine 2000 (MSDE 2000)
Microsoft SQL Server 2000 Desktop Engine (Windows)
A number of security issues have been identified in the Microsoft® SQL Server™. For example, an attacker could cause the system to hang and become unresponsive.
Technet
1) Direct X
Microsoft yesterday warned of security flaws with DirectX's DirectShow component that might be used by an attacker to run hostile code on vulnerable Windows machines.
Redmond has issued a patch - designated as critical - which users are urged to review.
The list of affected software is extensive: Microsoft DirectX 5.2 on Windows 98; MS DirectX 6.1 on Windows 98 SE; DirectX 7.0a and DirectX 9.0a on Windows Me; DirectX and DirectX 9.0a 7.0 on Win 2000; DirectX 8.1 and DirectX 9.0a on Win XP; DirectX 8.1 and DirectX 9.0a on Win Server 2003 are all potentially vulnerable.
So too is Windows NT 4.0 with either Windows Media Player 6.4 or IE 6 SP 1 installed and Microsoft Windows NT 4.0, Terminal Server Edition with either Windows Media Player 6.4 or IE 6 SP 1 installed.
Technet
2) Security Update for Microsoft SQL Server
The following products require updating:
Microsoft SQL Server 7.0
Microsoft Data Engine 1.0 (MSDE 1.0)
Microsoft SQL Server 2000
Microsoft Desktop Engine 2000 (MSDE 2000)
Microsoft SQL Server 2000 Desktop Engine (Windows)
A number of security issues have been identified in the Microsoft® SQL Server™. For example, an attacker could cause the system to hang and become unresponsive.
Technet
0
Comments
Proberly not, they will more than likely have inserted the patch already into 9.0b. They must have known about it for a while.