Only two security updates for upcoming MS patch day
Microsoft has announced just two security updates for its upcoming patch day on 11 November. The software giant rates a vulnerability in Microsoft XML Core Services 3.0 as critical, since it allows code to be executed remotely. The flaw is also present in XML Core Services 4.0 and 6.0, although this is viewed as less critical. Windows 2000, XP, Server 2003, Vista and Server 2008 are affected.
The second update is to fix the same vulnerability in Office 2003 and Office SharePoint Server 2007 with XML Core Services 5.0 which also allows remote code execution. In this instance, however, Microsoft has classified the problem as 'important'. There will also be an updated version of the Malicious Software Removal Tool and an update for the junk filter in Windows Mail for Vista.
See also:
- Microsoft Security Bulletin Advance Notification for November 2008, Microsoft Advance Notification
(djwm)