April Showers Grow Windows Updates

April Showers Grow Windows Updates

Critical Security Updates for April

Microsoft is delivering four critical security fixes to a Windows system near you via Windows Update. However, if you don't perform updates automatically, or if you want to learn more about what's changed, here are the details:

  •  
    • Stop a remote code execution vulnerability in Internet Explorer by installing the updates discussed in Microsoft Security Bulletin MS08-024. All versions from the pre-Cambrian version 5.01 up through IE 7 on Windows 2000, XP, Vista, Windows Server 2003, and Windows Server 2008 are affected. For more information, see Knowledge Base article KB947864.
    • If you use Yahoo! Music Jukebox, Security Bulletin MS08-023 discusses a vulnerability in the current version affecting Windows 2000, XP, Vista, Windows Server 2003 and Windows Server 2008. The bulletin also provides links to update the program. If you don't update Yahoo! Music Jukebox, the fix in MS08-023 installs a kill bit to prevent the program's ActiveX controls from running.
    • Windows Vista and Windows Server 2008 users are not affected by a remote code execution problem with VBScript and Jscript, but Windows 2000, XP, and Windows Server 2003 need to install the updates discussed in Microsoft Security Bulletin MS08-022. For more information, see Knowledge Base article KB944338.
    • WMF or EMF image files might not seem like a threat, but they can be used to attack the Windows GDI subsystem. Protect your system (Windows 2000, XP, Vista, Windows Server 2003, or Windows Server 2008) by installing the update discussed in Microsoft Security Bulletin MS08-021. For more information, see Knowledge Base article KB948590.

Important Security Updates for April

Microsoft is also rolling out two important security updates for Windows users:

  •  
    • Prevent Domain Name System (DNS) requests from your system from being redirected to a fraudulent website by installing the update discussed in Microsoft Security Bulletin MS08-020. The update applies to Windows 2000, Windows XP, Windows Vista (pre-SP1), and Windows Server 2003. If you've updated Windows Vista to SP1, you're already protected. For more information, see Knowledge Base article KB945553.
    • Protect the Windows kernel from being attacked by installing the update discussed in Microsoft Security Bulletin MS08-025. The update applies to Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. Be sure to read Knowledge Base article KB941693 for more information, especially if you ever need to uninstall this update.

Updates for Other Microsoft Products

Patch Tuesday also includes updates for the following products. Obtain these updates manually by following the links, or automatically by using Microsoft Update:

--------------------------------------------------------

Whether you're a Vista fan or an XP loyalist, Mark Soper's written books just for you: Maximum PC Microsoft Windows Vista Exposed provides a no-holds-barred tour of what's new, improved, and just plain different about Vista. Mark teams up with TV and podcasting legend Leo Laporte to solve your Windows XP woes in Leo Laporte's PC Help Desk. They're available at Amazon.com, Barnes & Noble, and other bookstores everywhere.

2

Comments

+ Add a Comment
avatar

Block_Dude

I saw nothing but the removal tool for April, can anyone confirm who also is using XP SP3?

avatar

Marcus_Soperus

Microsoft is specifically listing the Windows XP updates as being for XP Service Pack 2. I don't know if this is because they might already be included in SP3 (or if SP3 doesn't have these vulnerabilities or because SP3 is still in pre-release). Hopefully some other SP3 users can shed some light on this.
-------------------------------------------
It's amazing how illogical a business built on binary logic can be.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.