Threat Center Security News Microsoft Patch Tuesday (July 2008)
Microsoft Patch Tuesday (July 2008) Print E-mail
Written by Rebecca Mints   
Wednesday, 09 July 2008 06:04

Microsoft patch Tuesday brings four bulletins for nine flaws. Though a month without "critical" vulnerabilities and a low number of bulletins might suggest there's not much to worry about, researchers say Microsoft is downplaying the potential risks.

 

The bulletins include:
  • (MS08-040) Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege
  • (MS08-038) Vulnerability in Windows Explorer Could Allow Remote Code Execution
  • (MS08-037) Vulnerabilities in DNS Could Allow Spoofing
  • (MS08-039) Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege .

    • While the absence of any vulnerabilities with a "critical" rating and the relatively low number of bulletins might suggest there's not much to worry about this month, Eric Schultze, CTO of Shavlik Technologies, believes Microsoft is downplaying the potential risks. "If you consider this a light month, then Microsoft has done its job," Schultze said. "By [rating the vulnerabilities 'important,'] they hoped to lessen their visibility. It's an interesting month because there's nothing very earth-shattering but there still are important things to pay attention to."

     

    Sources:
    informationweek.com
    microsoft.com
    qualys.com

     

    WTW Threat Level