14 DAY TRIAL // Today, Microsoft has launched patches that are intended to correct the vulnerabilities announced in 10 security bulletins. Three of them were rated as critical by Microsoft.
One of those patches a vulnerability found in several versions of Internet Explorer (IE) 5 and 6 affecting Windows 98/ME/XP and Windows Server 2003 operating systems and it is a about a remote code that targets Portable Networks Graphic (PNG) images and XML content.
Another critical vulnerability is related to Microsoft's HTML Help function which allows an attacker to bypass the software's methods for validating input data.
Microsoft's server message block (SMB), found in all Windows versions, was the subject of another critical patch in this month's update. SMB is the protocol Windows platform uses to share files, printers, serial ports and communication with other computers. A successful attack over a corporate network would allow a malware (define) writer to execute code on machines throughout the network.
The June patch contains a fix to the Web client service affecting several versions of Windows XP and Windows Server 2003 that patches an unchecked buffer, allowing the attacker to take control of the system.
Microsoft also solved an important flaw affecting Windows 98/ME/2000/XP/Server 2003, where an unchecked buffer used to validate bookmark link files could allow an attacker to gain control of a PC. The user would first have to open an attachment in an e-mail or visit a Web site with the necessary malware for it to take effect.