August 06, 2009

ActiveX fix, eight other Microsoft patches to land Tuesday

Microsoft expects to distribute nine patches on Tuesday as part of its monthly security update, one of which should resolve a recently announced flaw that was being actively exploited.

Eight of the fixes address vulnerabilities in Windows, five of which have been assigned a "critical" rating by the software giant. Three others are deemed "important."

The ninth bulletin, graded critical, addresses a zero-day ActiveX bug affecting Office, Visual Studio, ISA Server and BizTalk Server. The vulnerability, which has been leveraged to conduct in-the-wild attacks, resides in the Spreadsheet ActiveX control in Office Web Components, according to an advisory from July.

As users await the fix, Microsoft has been recommending they set a kill bit to prevent Office Web Components from running in Internet Explorer.

The patches are expected to be dropped about 1 p.m. EST on Tuesday.







Related Articles
Related Topics
close

Next Article in News

Sign up to our newsletters

More in News

Bitcoin mining botnet has become one of the most prevalent cyber threats

Fortinet researchers have tracked 100,000 new ZeroAccess trojan infections per week, making the botnet very lucrative to its owners.

House Intelligence Committee OKs amended version of controversial CISPA

House Intelligence Committee OKs amended version of controversial ...

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

Judge rules hospital can ask ISP for help ...

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.