 | By Susan Bradley Microsoft ranks 6 of the 9 patches released on Aug. 14 as “Critical,” and only 3 as “Important” — but I’m rating all 9 of them as critical if you use the platforms that are affected. We must patch once again for three XML, GDI, and VML threats, along with the usual Malicious Software Removal Tool updates and a new fix for 64-bit kernel protection. |
MS07-042 (936227, 933579, 936021, 936181, 936048, 936960, 936056)
XML must be patched again, and it’s crucial
I read on Aug. 14 that this week’s XML patches in MS07-042 are replacing the patches in the MS06-061 and MS06-071 bulletins, which were released last year and earlier this year. I was a bit surprised that we’ve been patching these components repeatedly since 2006.
I guess it’s because XML is one of a technology that’s seemingly in everything, as Knowledge Base article 269238 showcases.
It’s also a piece of technology that’s not easy to explain, other than the fact that it’s a foundation that’s used in many applications. I know that it’s included with several of the programs my office uses.
The hole fixed by MS07-042 looks like an easy “malware cocktail” ingredient that can easily be used by malicious Web sites. I’m placing this patch on a fast track to install. I urge you to do so as well.
MS07-046 (938829)
Fix GDI now before exploits appear
A new fix for Windows’ graphical interface is patch two of my “Here we go again!” patches that first came out in 2006. Bulletin MS07-046 this week replaces MS06-061.
Related posts:
