Extra-large crop of updates for Patch Tuesday

Posted by   Virus Bulletin on   Aug 12, 2010

Fourteen security alerts from Microsoft join two from Adobe.

Microsoft's monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many covering multiple issues. Eight of the new alerts were rated 'Critical', with the remaining six marked as 'Important'. In addition to Microsoft's updates, Adobe also released a trio of fixes, with two labelled 'Critical' and the third 'Important'.

Of the issues addressed by this batch of Microsoft patches, the most significant affect Word, SMB Server, .NET, XML Core Services and MPEG Codecs. The release also includes the usual batch of fixes for problems with Internet Explorer. An out-of-band update to fix the serious vulnerability involving .lnk files, released last week, was also included in the bulletin. Full details are at Microsoft here, with a blog entry covering the release here and a summary from SANS here.

Adobe's update release, timed to coincide with Patch Tuesday, included critical fixes for Flash Player and Flash Media Server, and an important HotFix for ColdFusion. Full details are at Adobe here, with another SANS summary here.

Users of Adobe's popular Reader software will have to wait a little longer for another patch, due to be released as an emergency update next week, according to reports. Meanwhile, those who choose to go with the alternative PDF viewer from Foxit Software will have to update to cover the same vulnerability which affects users of Apple's iPhone - their announcement is here. For once, Adobe users are not affected by the vulnerability.

Posted on 12 August 2010 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

What kind of people attend Virus Bulletin conferences?

If you are considering submitting a proposal for a talk to VB2018 and you're not familiar with the event, you may find it useful to know what kind of people attend the conference.

Olympic Games target of malware, again

An unattributed malware attack has disrupted some computer systems of the 2018 Winter Olympics. In 1994, a computer virus also targeted the Winter Olympics.

There are lessons to be learned from government websites serving cryptocurrency miners

Thousands of websites, including many sites of government organisations in the UK, the US and Sweden, were recently found to have been serving a cryptocurrency miner. More interesting than the incident itself, though, are the lessons that can be…

We need to continue the debate on the ethics and perils of publishing security research

An article by security researcher Collin Anderson reopens the debate on whether publishing threat analyses is always in the public interest.

WordPress users urged to manually update to fix bug that prevents automatic updating

Users of the popular WordPress content management system are urged to manually update their installation to version 4.9.4, as a bug in the previous version broke the ability to automatically install updates.