The Channel logo


By | John Leyden 4th July 2008 09:52

MS readies Vista code injection risk fix

Redmond security gnomes get tough

Critical bug fixes are on the agenda for this month's monthly patch update from Microsoft.

The four "important" fixes due out next Tuesday (8 July) for Microsoft SQL Server and Exchange as well as a brace of fixes for Windows. One of the Windows fixes affects Vista and poses a "remote code execution" risk, something that would normally merit a critical tag.

Microsoft will need to come up with a really convincing rationale on why the bug is hard to exploit, to avoid accusations that it's fudging the classification of the vulnerability to avoid negative press.

Windows XP, Microsoft's earlier (supposedly less secure) operating system, is not affected by that Windows bug, but it is affected by a flaw that poses a spoofing risk. Windows Server 2003 and Windows 2000 also need patching against the second flaw, which doesn't affect Vista.

As well as the patches Microsoft also plans to publish an update for its Malicious Software Removal Tool.

More details on the upcoming patches can be found in Microsoft's pre-alert here. ®

comment icon Read 2 comments on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe