Skip to navigation

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.

Latest News

Patch Tuesday tackles ActiveX exploit

 
Gallery

Posted on 15 Jul 2009 at 10:41

Microsoft has delivered six security updates in its latest Patch Tuesday update, including a fix for the ActiveX exploit being used to attack Internet Explorer.

The six updates patch a total of nine vulnerabilities, six of which have been ranked as critical - the highest ranking in Microsoft's four-step score. A further three are labelled as important, the second-highest ranking.

The most significant of the updates applies a large number of "kill bits" to the ActiveX and DirectShow, disabling the controls being exploited by hackers to attack Internet Explorer 6 and 7. The fix is intended to temporarily address the problem, while the company beavers away on a patch.

Microsoft has confirmed that thousands of legitimate websites have been hacked to exploit the flaw in DirectShow, which Internet Explorer uses to process media.

The third critical update, identified as MS09-029, addresses two vulnerabilities in the Embedded OpenType (EOT) Engine which leave all versions of Windows open to attack.

The important fixes address holes in Microsoft Office, Publisher Internet Security and Acceleration Server, Virtual PC and Virtual Server.

Author: Stuart Turton

Be the first to comment this article

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest Reviews Subscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

Create an account

advertisement


Hitwise Top 10 Website 2008