A peek into Windows Vista and IE 7 betas shows some welcome security upgrades

Windows administrators are busy this week analyzing Microsoft’s (Profile, Products, Articles) most recent Patch Tuesday releases. Of the eight patches released on Oct. 11, at least four of them have already resulted in publicly available exploit code. FrSIRT has three of the exploits and is sure to get the others as they become known.

Although there are several critical vulnerabilities in the Patch Tuesday grouping, the consensus among several observers is that MS05-051 (MSDTC and COM+ vulnerabilities) is the most critical of the bunch. MS05-051 contains several fixes. The COM+ hole, in particular, would allow an exploit to execute malicious code remotely on previously fully patched Windows 2000, XP, and Server 2003 computers. MS05-052 is a cumulative patch update for Internet Explorer 5.5 and 6.x and deserves special consideration as well. No word on whether these vulnerabilities affect Windows Vista and IE Microsoft security: Something old, something new | InfoWorld | Column | 2005-10-21 | By Roger A. Grimes

Linked by shanmuga Friday, 21st October 2005 10:21PM