Here's a heads up about another patch - Microsoft is pushing out two emergency security patches ahead of its regularly scheduled updates on Aug. 11th.


[QUOTE]In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio...


The vulnerabilities affect Windows 2000, Windows XP, Vista, Windows Server 2003 and 2008, Internet Explorer 6, 7 and 8, Microsoft Visual Studio .NET 2003, Visual Studio 2005 and 2008 and Visual C++ 2005 and 2008, according to the security bulletin advance notification. ...[ENDQUOTE]

http://news.cnet.com/8301-27080_3-10295592-245.html




[QUOTE] Microsoft didn't say exactly what it was fixing. The company typically doesn't rush out these "out-of-band" emergency updates unless the bug is being exploited by cyber criminals; however, in this case the flaws being patched are not being leveraged in attacks, according to Microsoft. The problem appears to lie in a widely used Windows component called the Active Template Library (ATL). According to security researcher Halvar Flake, this flaw is also to blame for an ActiveX bug that Microsoft identified earlier this month. Microsoft issued a kill-bit patch for the problem on July 14, but after looking into the bug, Flake determined that the patch didn't fix the underlying vulnerability, so new attacks are possible.[ENDQUOTE]

http://news.idg.no/cw/art.cfm?id=B15...91CCA41D41AA9E