Posted 11/11/08 at 01:17:52 PM by Mark Edward Soper

This month's Patch Tuesday, unlike October's, is a quiet one, with just two security bulletins:
- MS08-069 solves a remote code execution vulnerability in Microsoft's XML Core Service that is rated as Critical for version 3.0 and Important for later versions. All 32-bit and 64-bit desktop versions of Windows from Windows 2000 SP4 through Windows Vista SP1 are affected, as well as Microsoft Office 2003 and 2007. The Exploitability Index is 1 (Consistent Exploit Code Likely - the most serious ranking) or 2 (Inconsistent Exploit Code Likely), depending upon the version of XML Core Services installed. Windows Server 2003 and some installations of Windows Server 2008 are also affected.
- MS08-068 patches a remote code execution vulnerability in the SMB protocol. MS08-068 is rated as Important for Windows 2000 SP4 and Windows XP, and Moderate for Windows Vista. Windows Server 2003 and all Windows Server 2008 installations are also affected. Despite Microsoft's rating this vulnerability as only Important rather than Critical, MS08-068's Exploitability Index is 1 because exploit code targeting Windows XP is already public.
That's it for Patch Tuesday security bulletins, both of which will be arriving soon via Windows Update (or can be downloaded manually if you prefer). What else has Microsoft served up?
The only non-security content this time is the usual monthly update for the Malicious Software Removal Tool (KB890830; not yet updated as this article was posted now updated) and the usual monthly update for the Windows Mail junk mail filter (KB905866), available in 32-bit and 64-bit versions.
Posted 07/05/08 at 01:38:29 AM by Paul Lilly
This holiday weekend many of you will be kicking back with a cold one, firing up the grill, spectating your local fireworks display, and perhaps catching up on a videogame or two when the festivities all come to an end. But while you're busy unwinding, hackers continue to look for ways to distribute malicious code and exploit vulnerabilities. Don't let what's supposed to be a relaxing weekend turn into a hair-pulling experience because you were caught off guard.
Update to Opera 9.5.1
Opera Software unveiled version 9.5 of its flagship browser less than a month ago, and the first major update is now available. Patching Opera to version 9.5.1 addresses several bugs and stability issues, and at least one "highly critical" vulnerability that could be used to execute arbitrary code. And it's not just Windows users that should install the update, but Mac OS X and Linux lovers too. Areas addressed in the update include:
- User Interface
- Mail/News
- Display and Scripting
- Security
- Miscellaneous
View the 9.5.1 changelog for a detailed list of changes, and then hit the jump to see why you should be extra cautious about using the VLC Media Player.
Posted 04/16/08 at 08:51:25 AM by Mark Soper
The long-awaited release of Windows XP SP3 is almost here. Find out how Microsoft is staging the release and review our extensive coverage of SP3's new and improved features.
Posted 02/06/08 at 10:56:15 PM by Mark Soper
Microsoft's newest application compatibility update rolls out a 'new' strategy for dealing with programs that don't get along with Vista: blocking. Find out more about how blocking works - and who decides what apps get blocked.





