Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Microsoft posts 10 security fixes for Patch Tuesday

Add to     Digg this story Digg this

Jun. 4, 2010

For the next Patch Tuesday on June 8th, Microsoft is lining up no less than 10 major security patches covering over 34 critical vulnerabilities. Patch Tuesday is when the software giants posts on its website the latest security fixes for known software vulnarabilities in its Windows operating system. It always happens on the second Tuesday of the month, but there are times when Microsoft has been known to patch the security holes twice a month. In the case of Windows 7, patches vary between 3 to 5 times a month, since the OS is still fairly new, having been launched just on Oct. 27, 2009.

Click here to order the best dedicated server and at a great price.

So far, three of the 10 software patches cover critical security holes, normally defined as security flaws that might allow a hacker to take full control of the targeted computer. The other seven notices fall in the lesser category of important and deal with security issues in Windows and Office.

The critical security vulnerabilities affect all supported version of Windows, including Windows XP, Windows Vista, Windows 7, Windows Server 2003, Server 2008 and Internet Explorer.

The security updates are due to cover two unpatched vulnerabilities in SharePoint (Bulletin KB983438) and an information leakage bug in Internet Explorer (Bulletin KB980088), Microsoft said.

"The June 8 release is a very large update and will keep system administrators fairly busy, even if they have migrated to Windows 7 already," explained Wolfgang Kandek, CTO of Qualys.

More details will come with the release of the patches on June 8.

Last month, Microsoft saids that it's in the process of investigating a security hole that is apparently present in older versions of its SharePoint Server software that an independent researcher says can easily expose private information, sensitive data and user authentication passwords.

The vulnerability exists due to failure in the '/layouts/help.aspx' script to properly 'clean' user-supplied input in the "cid0' variable," the Microsoft security advisory states.

"Successful exploitation of this security flaw could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data."

The XSS, or cross-site scripting vulnerability has already been confirmed in SharePoint Server 2007 and is likely also present in earlier versions of the CMS (content management system) software, a MS advisory from High-Tech Bridge warned.

It allows adversaries to inject malicious javascript into the application by appending commands to the address of the targeted system.

High-Tech Bridge said they notified Microsoft of the security hole on April 12, but only made the report public on April 29.

So far, a Microsoft spokeswoman said yesterday that researchers are in the process of drafting a security advisory that includes mitigation and workaround details. With 17 days notice, it's unclear why Redmond's security team didn't already have that information ready to go... (!)

On April 29 as well, a separate advisory on the Future Musings blog warned of an XSS security vulnerability in the iPhone's Facebook app.

Overall, XSS bugs are by far the most common form of security vulnerability plaguing the Internet today. Webmasters and software providers often downplay them as insignificant, because the severity of many of them is rather minimal, although they are still critical.

Add to     Digg this story Digg this

Source: Microsoft.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Get your Linux or Windows dedicated server today.

The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.