blind_html [Fwd: BAH Microsoft To Rush Out Emergency IE Patch]

  • From: Nimer Jaber <nimerjaber1@xxxxxxxxx>
  • To: blind_html@xxxxxxxxxxxxx
  • Date: Sun, 26 Jul 2009 19:09:19 -0600



-------- Original Message --------
Subject: BAH Microsoft To Rush Out Emergency IE Patch
Date: Sun, 26 Jul 2009 21:05:25 -0400
From: Lisa <whitedove621@xxxxxxxxxxxxx>
Reply-To: blindAccessHelp@xxxxxxxxxxxxxxx
To: <blindAccessHelp@xxxxxxxxxxxxxxx>


 



> This is something that we need to be aware of.
> Microsoft to Rush out Emergency IE Patch (PC World)
> Published Sat, 25 Jul 2009 03:30:11 GMT
> PC World - Microsoft is taking the unusual step of rushing out two
> emergency
> security patches ahead of its regularly scheduled updates on Aug. 11.
> Yahoo! News
> Microsoft is taking the unusual step of rushing out two emergency security
> patches ahead of its regularly scheduled updates on Aug. 11.
> The patches will include a critical fix for Internet Explorer as well as a
> related Visual Studio patch rated "moderate" urgency by Microsoft.
> "The Internet Explorer bulletin will provide defense-in-depth changes to
> Internet Explorer to help provide additional protections for the issues
> addressed
> by the Visual Studio bulletin," Microsoft said in a late Friday.
> The patches are set to be released on Tuesday at 10:00 a.m. West coast
> time.
> Microsoft didn't say exactly what it was fixing. The company typically
> doesn't rush out these "out-of-band" emergency updates unless the bug is
> being exploited
> by cyber criminals; however, in this case the flaws being patched are not
> being leveraged in attacks, according to Microsoft.
> The problem appears to lie in a widely used Windows component called the
> Active Template Library (ATL). to security researcher Halvar Flake, this
> flaw is
> also to blame for an ActiveX bug that Microsoft identified earlier this
> month. Microsoft issued a kill-bit patch for the problem on July 14, but
> after
> looking into the bug, Flake determined that the patch didn't fix the
> underlying vulnerability, so new attacks are possible.
> Whatever the issue, the new patch should be a top priority for IT staff
> next
> week. "When Microsoft goes to an out-of-band patch, I think it's sensible
> for
> people to apply it," said Roger Thompson, chief research officer with AVG
> Technologies.
> Microsoft didn't give a reason for the rushed update but it may be trying
> to
> stay ahead of any public disclosure at next week's Black Hat security
> conference
> in Las Vegas. The emergency updates are set to be released the day before
> the Black Hat Briefings, where researchers Mark Dowd, Ryan Smith and David
> Dewey
> According to security experts, thousands of Web sites have been used to
> launch on-line attacks that exploit the ActiveX vulnerability patched in
> July. The
> flaw was first reported to Microsoft more than a year ago.
>

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4280 (20090726) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

__._,_.___
Blind Access Help...The blind leading the blind towards successful lives and careers.

List owner Jimmy.
Co Owner, Nimber.
Moderators, Inthane, Silvia and Cory.
http://groups.yahoo.com/group/blindaccesshelp

If you have any questions or have problems with the list, please email the management at
blindaccesshelp-owner@xxxxxxxxxxxxxxx


Recent Activity
Visit Your Group
Ads on Yahoo!

Learn more now.

Reach customers

searching for you.

Y! Messenger

Want a quick chat?

Chat over IM with

group members.

Yahoo! Groups

Weight Management Challenge

Join others who

are losing pounds.

.

__,_._,___
blind_html To unsubscribe, please send a blank email to blind_html-request@xxxxxxxxxxxxx with unsubscribe in the subject line. To access the archives, please visit: http://www.freelists.org/archive/blind_html Thanks

Other related posts:

  • » blind_html [Fwd: BAH Microsoft To Rush Out Emergency IE Patch] - Nimer Jaber