Security Fix – Microsoft’s Emergency Patch Mess:
http://voices.washingtonpost.com/securityfix/2009/07/microsofts_emergency_patch_mes.html?wprss=securityfix

From the comments:

“I am not sure about the following comment Microsoft made regarding the release of these latest patches to IE. “We decided to issue these updates now rather than wait for things to get worse.” Why would Microsoft wait to release these patches? They should release them as soon as the patches are ready, especially if they are critical patches. The above statement makes me think Microsoft waits to release patches until things are bad. I do not understand that. “

Microsoft patches on a cycle that releases the patches on the second Tuesday of each month.  The reason that this is being released now, and not later in August is one word: BLACKHAT.  Tomorrow (Wednesday) at 3:15 p.m., three researchers are giving a talk on how to bypass the existing ActiveX blocker.

Microsoft BlueHat Blog : Black Hat USA Spotlight: ATL Killbit Bypass:
http://blogs.technet.com/bluehat/archive/2009/07/27/black-hat-usa-atl-killbit-bypass.aspx

For more check out the upcoming newsletter at www.windowssecrets.com

 

Comments are closed.