Since I have found C.T.H. my experience has been enhanced and very enjoyable. I am learning and find myself more enclined to be taking than receiving. Hopefully this will change and I will be able to help more .Inthe mean time I have other skills and I will try to read the anything else board and maybe help in other ways. Keep the quality up, and the humour - mickb 
Microsoft to patch four bugs on Tuesday
Posted by: Tweaker
Date added: 08:52, 9th May 2008 GMT
Source: Computer World News
Microsoft today said it plan to post four security updates next week, three of them "critical," to patch Windows, Word, Publisher and all of the company's anti-malware applications.
Among the critical fixes will be one that quashes bugs in Microsoft's Jet Database Engine that go back as far as 2005. The other critical patches will close holes in Microsoft's word processor and desktop publishing programs.
"Finally, the expected fix for Jet," said Andrew Storms, director of security operations at nCircle.
Seven weeks ago, Microsoft rang an alarm over critical vulnerabilities in Jet Database Engine, a Windows component that provides data access to applications such as Microsoft Access and Visual Basic. The company posted a security advisory on March 22 that acknowledged "public reports of very limited, targeted attacks" using Word documents that triggered the Jet Database bug.
Several days later, Microsoft's security team admitted it had known of the Jet Database bugs for more than two years, but had not patched the problems because it thought it had blocked the obvious attack vectors. In a post to the Microsoft Security Response Center (MSRC) blog, Mike Reavey, the group's operations manager, said it might replace the version of Jet in Windows 2000, XP and Server 2003 SP1 to fix the flaws.
The Jet Database Engine included in Windows Vista, Windows Server 2003 SP2 and the just-released Windows XP SP3 is not vulnerable to the attacks, and doesn't require replacement.
According to Microsoft's prepatch notification, which it issued Thursday, Microsoft will swap out the buggy Jet in Windows 2000, XP SP2 and Server 2003 SP1.
It also appears that Microsoft will fix Word to shut down that attack vector, said nCircle's Storms. "I have a strong feeling that they're patching both ends of the problem," he said. "They're covering all the bases, which is the right thing to do."
The single non-critical patch slated for release is a fix marked "important" by Microsoft that will affect the company's consumer and enterprise anti-malware products. The patch will address what Microsoft called a denial-of-service issue in Antigen, Forefront Security, Windows Live OneCare and Windows Defender.
Tools: Post a comment | Link to this news item | Send to a friend | Submit News
Error: You are not logged in.
In order to leave comments to news articles you must be a Cyber Tech Help Member.
Registration is completely free! 
Register to become a member
Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.
