November Patch Tuesday to Address Critical Windows Vulnerabilities
As is the tradition with Microsoft, on each second Tuesday of the month the Redmond software developer will release an update or patch for their Windows-based operating systems and other software products. The November 11 update, be it a small one, addresses remote code execution vulnerabilities in Windows and Microsoft Office that Microsoft has deemed as critical.
Two patches will be released this Patch Tuesday: one will patch the critical vulnerabilities in MSOffice and Windows we were telling you before; the other will patch an important remote code execution vulnerability that affects all Windows-based operating systems.
Here is a detailed list of all afflicted Windows software: Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and 3, Windows XP Professional x64 Edition (Service Pack 2 included), Windows Server 2003 Service Pack 1 and 2 (Itanium-based Systems included), Windows Server 2003 x64 Edition (Service Pack 2 included), Windows Vista (Service Pack 1 included), Windows Vista x64 (Service Pack 1 included), Windows Server 2008 x32, x64, and Itanium-based.
Here is a detailed list of all afflicted Office software: Microsoft Office 2003 Service Pack 3, 2007 Microsoft Office System, 2007 Microsoft Office System Service Pack 1, Microsoft Word Viewer 2003 Service Pack 3, Microsoft Expression Web and Microsoft Expression Web 2, Microsoft Office Groove Server 2007, Microsoft Office SharePoint Server 2007 (Service Pack 1 x64 version included).
It is important that you keep your operating system up to date and fully patched. That is why you should enable the auto-update feature in your Windows OS (if you have not done so already) and stay safe. I will admit that this is the smallest update Microsoft has released this year, but it does not meant it is not an important (better yet critical) one.
For those of you that do not know this, Microsoft uses a 4 tier rating system: low, moderate, important and critical. A low vulnerability poses the least amount of risk to the users because exploiting it is not only exceptionally hard, doing so will not have a tremendous impact on the affected system. A critical vulnerability is pretty much the exact opposite, allowing for a worm to propagate itself and infect unprotected systems (such as the MS08-67 worm that has been circulating recently).
Two patches will be released this Patch Tuesday: one will patch the critical vulnerabilities in MSOffice and Windows we were telling you before; the other will patch an important remote code execution vulnerability that affects all Windows-based operating systems.
Here is a detailed list of all afflicted Windows software: Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 and 3, Windows XP Professional x64 Edition (Service Pack 2 included), Windows Server 2003 Service Pack 1 and 2 (Itanium-based Systems included), Windows Server 2003 x64 Edition (Service Pack 2 included), Windows Vista (Service Pack 1 included), Windows Vista x64 (Service Pack 1 included), Windows Server 2008 x32, x64, and Itanium-based.
Here is a detailed list of all afflicted Office software: Microsoft Office 2003 Service Pack 3, 2007 Microsoft Office System, 2007 Microsoft Office System Service Pack 1, Microsoft Word Viewer 2003 Service Pack 3, Microsoft Expression Web and Microsoft Expression Web 2, Microsoft Office Groove Server 2007, Microsoft Office SharePoint Server 2007 (Service Pack 1 x64 version included).
It is important that you keep your operating system up to date and fully patched. That is why you should enable the auto-update feature in your Windows OS (if you have not done so already) and stay safe. I will admit that this is the smallest update Microsoft has released this year, but it does not meant it is not an important (better yet critical) one.
For those of you that do not know this, Microsoft uses a 4 tier rating system: low, moderate, important and critical. A low vulnerability poses the least amount of risk to the users because exploiting it is not only exceptionally hard, doing so will not have a tremendous impact on the affected system. A critical vulnerability is pretty much the exact opposite, allowing for a worm to propagate itself and infect unprotected systems (such as the MS08-67 worm that has been circulating recently).
