What – me worry?
Daylife/AP Photo used by permission
Microsoft released 10 updates to various versions of Windows, components of Microsoft Office, and a cumulative update to Internet Explorer on Patch Tuesday. The company patched a total of 31 vulnerabilities in the update, with some being highly exploitable.
The most serious one is the update for Internet Explorer, MS09-019: Cumulative Security Update for Internet Explorer. This update addresses a critical vulnerability on every client version of Windows. 8 separate vulnerabilities are patched in this update, including one which was publicly disclosed in 2007. While this very old vulnerability has been public knowledge for some time, there are no known reports of exploit code and Microsoft’s exploitability index states that functioning exploit code for it is unlikely…
Finally, a vulnerability in Microsoft Excel, MS09-021: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution, is rated critical for Excel 2000 and important for a wide variety of Excel products including the Mac versions, the file viewers, file compatibility packs and the Sharepoint Server. 7 separate vulnerabilities are patched, 6 of them critical on Excel 2000. 4 of these are likely to produce functioning exploit code for remote code execution, but the rating is only critical on Excel 2000 because of mitigating factors in later versions.
RTFA. Grab the details. Phew!