Friday, July 24, 2009

Two Out-of-Band Microsoft Security Bulletins

Microsoft has released advance notification of two Out-of-Band security bulletins they are intending to release on July 28, 2009.

One bulletin will be for the Microsoft Visual Studio and the other provides chanes to Internet Explorer. As reported in the MSRC Blog:
"While we can’t go into specifics about the issue prior to release, we can say that the Visual Studio bulletin will address an issue that can affect certain types of applications. The Internet Explorer bulletin will provide defense-in-depth changes to Internet Explorer to help provide additional protections for the issues addressed by the Visual Studio bulletin. The Internet Explorer update will also address vulnerabilities rated as Critical that are unrelated to the Visual Studio bulletin that were privately and responsibly reported."

Bulletin ID: Visual Studio
Maximum Severity Rating: Moderate
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005, Microsoft Visual Studio 2008, Microsoft Visual C++ 2005, and Microsoft Visual C++ 2008

Bulletin ID: Internet Explorer
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008


References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: