>Another Big Patch Release

>

This week, Microsoft release another series of critical patches. We will again be rolling out the following patches to all monitored servers as soon as possible. However, we strongly recommend that all users run Windows update immediately and install ANY and ALL patches marked “Important.”* Or schedule a Servcom USA technician to deploy the patches on your network today.

Should I be worried?
If your computer is running any of the following Operating Systems, you need an update immediately:

  1. Windows 2000, SP4
  2. Windows XP, SP2 (x86/x64) and SP3 (x86 only)
  3. Windows Vista, all versions
  4. Windows 7

What dangers do these updates fix?
For anyone who goes online, the most important updates are 974455 and 957488 (see the list below), which address a problem with the way Windows displays graphics from web pages. These security vulnerabilities could allow hackers to install code on your computer after you click on virtually any image on any website. The code could be used to hijack a computer, steal passwords, or capture other personal data directly off the system without any user interaction.

What about my company’s servers?
The following servers require updating:

  1. Windows Server 2003, SP2 (all chipsets)
  2. Windows Server 2008 (all chipsets)
  3. Windows Server 2008, SP2 (all chipsets)
  4. Windows Server 2008 R2 (x64 and Itanium)

For more information, check out theMicrosoft Bulletin.

Critical Updates – these updates must be installed immediately

  • Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
  • Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
  • Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
  • Cumulative Security Update for Internet Explorer (974455)
  • Cumulative Security Update of ActiveX Kill Bits (973525)
  • Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
  • Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
  • Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Important Updates – these updates are strongly recommended, but not required

  • Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
  • Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
  • Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
  • Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
  • Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

As always, you can request service via phone or through our
website.

Leave a Reply

Your email address will not be published. Required fields are marked *