Security Bytes

Jun 14 2007   6:19AM GMT

Install those Microsoft patches — exploits abound

Leigha Leigha Cardwell Profile: Leigha

On the heels of our report of a possible new Microsoft Office zero-day yesterday comes news that there’s exploit code for some of the flaws Microsoft patched Tuesday.

Here’s an email alert I got from Symantec on the latest exploit activity:

“The DeepSight ThreatCon is currently at Level 2. Two exploits targeting the Microsoft Internet Explorer Speech API 4 COM Object Instantiation Buffer Overflow Vulnerabilities (BID 24426) have been published. These issues were patched by Microsoft on June 12, 2007 with security update MS07-033. One exploit is reported to achieve code execution on Windows XP SP2, while the other targets Windows 2000 SP4.”

These exploits should not surprise Windows admins. They appear instantly each month within hours and even minutes of Microsoft’s monthly patch rollout.

The obvious advice is to get those patches installed as soon as you can.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: