Plugging an Old, but Nasty, Security Hole in DirectX
It's a long way from DirectX 7 (Windows 2000 vintage 3D) to DirectX 10 (Windows Vista exclusive), but somehow a critical remote code execution vulnerability that's been kicking around for years is in every version from DX 7 to 10, and that means that Windows 2000, XP, and Vista users have some patching to do (and the server guys need to patch Windows Server 2003, too). Microsoft's Security Bulletin
has the gory details - and, more importantly, the links you need to fix the problem.
Oldies but Baddies, Take 2 - Windows Media's Turn
There's also a critical remote code execution in Windows Media format, also affecting Windows 2000, Windows XP, and Windows Vista on the desktop side (and Windows Server 2003). It affects Windows Media Format runtime versions from 7.1 through 11 (32-bit and 64-bit alike). See Microsoft Security Bulletin
for links to the updates you need.
Got Vista? Make Sure You Get This Fix
Now, the rest of you Windows users can rest easy. Vista users need to check out bulletin
to learn how to fix a vulnerability in the Windows Vista kernel.
Before You Download, Check Windows Update
Depending upon your Windows Update settings, you might have some or all of these fixes already in place. If not, follow the links provided to keep your systems safe and secure this holiday season.