Patchday fixes actively exploited vulnerability

Just as announced last Friday, Microsoft released 4 security bulletins on this Patch Tuesday. The updates from the bulletins close a security hole in the Windows Help and Support Center of Windows XP and Windows Server 2003, which is already actively exploited by cyber criminals to compromise computers.

The “Canonical Display Driver” of Windows 7 64-bits edition also contains a critical rated vulnerability which is fixed by the updates; in Windows Server 2008 R2 x64, Microsoft rates the vulnerability as being “important”. Another bulletin deals with a critical security hole within Microsoft Office Access 2003 and 2007 which may allow for remote code execution.

The last patched vulnerability on this July 2010 Patchday affects Outlook from Office XP, 2003 and 2007. Attackers may gain access to a system by sending specially prepared email attachments, but the mail recipient has to open that attachment – thus Microsoft only rates this security hole as important.

Users and administrators should install the updates as soon as possible to reduce the attack surface on their PCs. Also, now the support for Windows XP SP2 officially ended – every Windows XP system should be immediately get the Service Pack 3 installed!

Dirk Knop
Technical Editor