Microsoft released no less than eight security bulletins for the various supported releases of Windows client and server operating systems, including for the latest service packs of Windows Vista and Windows XP. Out of the total of patch packages impacting Windows, half feature a maximum severity rating of Critical, with the remaining four being rated as Important. The security updates are available through Windows Update since August 11, 2009, and customers are advised to deploy the patches as soon as possible in order to bulletproof their systems against attacks.
“Of note, Microsoft released MS09-043 to help protect customers from attacks on the Office Web Components vulnerability previously addressed by Security Advisory 973472. I also wanted to let you know that MS09-037 addresses five privately reported vulnerabilities in Microsoft Active Template Library (ATL). Security Advisory 973882 has been updated with a reference to MS09-037. Additionally, Microsoft has released Security Advisory 973811 to include a non-security update that enables new protection technology on the Windows platform,” revealed Christopher Budd, security response communications lead for Microsoft. More »
A change in Windows’ complex and interconnected architecture of components can easily reverberate throughout the operating system. It is the case of the Critical Microsoft Security Bulletin MS09-010, a security update designed to deal with vulnerabilities in WordPad and Office Text Converters which could allow remote code execution in the eventuality of a successful exploit. Although the flaws reside in WordPad and Office text converters, applying the patch managed to cause installations of Service pack 3 for Windows XP to fail. Effectively, attempting to install Windows XP Service Pack 3 via Windows Server Update Services is unsuccessful and the user is returned the following errors 0x8007f00d or 0x8007f02b.
“This can happen if the workaround for MS09-010 was applied to the client machines adding deny permission to file C:\program files\windows nt\accessories\mswrd8.wpc. This causes the WSUS installation to fail because we’re unable to access the file and update it. When trying to install SP3 manually (not using the Quiet switch), it causes an error reading the file above, prompting for a source to update the file or to skip the file. Since WSUS installs SP3 in quiet mode, the installation fails because it never prompts the user for file it’s trying to update,” explained Joao Madureira, WSUS support engineer. More »
Microsoft is enriching the collection of language packs available for Internet Explorer 8 RTW. At the end of April 2009, the Redmond company promised that it would deliver the IE8 gold language packs aimed specifically at Windows XP and Windows Server 2003 in mid-May. With the release of the two Multilingual User Interface packages for the two operating systems, the software giant managed to live up to its promise. The IE8 MUI packs are designed to play nice with the 32-bit and the 64-bit versions of Windows XP SP2, Windows XP SP3, and Windows Server 2003 SP2.
Vishwac Sena Kannan – IE International program manager, and Jatinder Mann – IE Setup program manager, explained that end users would have to tailor the IE8 MUI pack to the specific language and architecture of their operating systems. In this regard, they will first need to install the IE8 bits in English, and only after deploy the MUI pack matching the OS MUI pack already deployed. More »