Microsoft Security Update News - Mid-December Edition


Plugging an Old, but Nasty, Security Hole in DirectX

It's a long way from DirectX 7 (Windows 2000 vintage 3D) to DirectX 10 (Windows Vista exclusive), but somehow a critical remote code execution vulnerability that's been kicking around for years is in every version from DX 7 to 10, and that means that Windows 2000, XP, and Vista users have some patching to do (and the server guys need to patch Windows Server 2003, too). Microsoft's Security Bulletin MS07-064 has the gory details - and, more importantly, the links you need to fix the problem.

Oldies but Baddies, Take 2 - Windows Media's Turn

There's also a critical remote code execution in Windows Media format, also affecting Windows 2000, Windows XP, and Windows Vista on the desktop side (and Windows Server 2003). It affects Windows Media Format runtime versions from 7.1 through 11 (32-bit and 64-bit alike). See Microsoft Security Bulletin MS07-068 for links to the updates you need.

Got Vista? Make Sure You Get This Fix

Now, the rest of you Windows users can rest easy. Vista users need to check out bulletin MS07-066 to learn how to fix a vulnerability in the Windows Vista kernel.

Before You Download, Check Windows Update

Depending upon your Windows Update settings, you might have some or all of these fixes already in place. If not, follow the links provided to keep your systems safe and secure this holiday season.

Around the web