Security Alert: ActiveX Vulnerability Addressed by Latest Windows Updates

Technologyon July 14th, 2009No Comments

Today, ISC SANS returned the Infocon status to green. They are hopeful that yesterday’s raising of the status to yellow increased awareness of the vulnerability.

Microsoft has released Windows Updates for multiple issues today, and one directly addresses the ActiveX vulnerability that caused the Infocon status to increase to yellow yesterday. Microsoft customers are recommended to deploy the new updates soon, in particular those rated with a Critical classification.

Read more about Microsoft’s latest updates along with executive summaries here, Microsoft Security Bulletin Summary for July 2009

Keenpath’s Recommended Action:

Those with Automatic Updates enabled will receive the latest updates and they will be automatically installed

For more control over how the updates are deployed, Microsoft Windows Server Update Services (WSUS) are recommended to approve and install the updates

Security Alert: Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution

Technologyon July 13th, 2009No Comments

ISC SANS (Internet Storm Center) diary handler Adrien de Beaupre posted an alert and information regarding the Microsoft advisory related to an Office Web Components ActiveX vulnerability. The ISC has increased Today’s Internet Threat Level to Yellow to raise awareness of this issue. Click the below jump link to view more details.

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution