Microsoft to close one hole on Patch Tuesday
On the next Patch Tuesday, May 12th, Microsoft plans to close a critical vulnerability in PowerPoint 2000, 2002, 2003 and 2007. Whether this is the vulnerability discovered four weeks ago is not clear as the earlier description of the vulnerable versions did not include PowerPoint 2007, but did include Office 2004 for Mac. A patch for the Mac version of Office has not been announced and it is not mentioned in the advance bulletin.
There are apparently no other vulnerability patches due on the 12th, but the Microsoft Malicious Software Removal Tool will be updated. It will be interesting to see what signatures are added to the MSRT; recently Microsoft added signatures to detect the Koobface-A worm at the request of Facebook.
Microsoft will also release non-security updates for Microsoft .NET Framework 1.1 Service pack 1, Microsoft .NET Framework 3.5 Service Pack 1 and .Net Framework 3.5 Family and Windows PowerShell 1.0 for Vista.
- Microsoft Security Bulletin Advance Notification for May 2009, Microsoft advance notification.
- Security vulnerability in PowerPoint, a report from the H.
- Microsoft helps Facebook administer a worming, a report from the H.