Microsoft to patch serious IE, Exchange Server flaws

Article

Microsoft to patch serious IE, Exchange Server flaws

Microsoft plans to issue four bulletins next week repairing critical flaws in Internet Explorer and Microsoft Exchange Server.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Microsoft said two security updates repair flaws that could allow remote code execution. The updates to Internet Explorer and Exchange Server are rated critical for Windows XP and Vista and moderate for Windows Server 2003 and 2008.

The Microsoft advance notification, also identifies two bulletins that address flaws in Microsoft SQL Server and Microsoft Office. Both updates are rated important.

Microsoft January updates:
Microsoft updates critical SMB server flaws: The latest Microsoft security update addresses two critical remote code execution vulnerabilities and a denial-of-service flaw in the Server Message Block.

The software giant will also release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. A Security Bulletin Webcast is also planned so users can ask questions about the latest fixes.

In January Microsoft issued a single security update patching critical flaws in the Server Message Block (SMB) that could be exploited by an attacker to access sensitive data or create a new account with full-user rights. Patching experts called the update "fine tuning" of an earlier patch (MS08-068), which addressed Windows authentication protocols affecting the SMB server.