Microsoft Unleashes Its Monthly Patch Pack
It's the second week of February, it's past Tuesday, it's time we took a look at what Microsoft released in its monthly fixing cycle.
February 11, 2009
The first two bulleting are rated critical and addressed vulnerabilities discovered in Internet Explorer and Microsoft Exchange. The Internet Explorer flaw allows remote code execution if the user visits an especially-created malicious page.
Microsoft Exchange has been patched up in two different places, thus removing the possibility of both remote code execution and denial of service.
The first important patch is aimed at three vulnerabilities in Microsoft Office Visio. Up till now, the flaw would've allowed remote code execution if the user had opened a specially crafted Visio file.
The last patch in the pack (also rated important) fixes SQL Server, which was vulnerable to remote code execution if hackers managed to access an affected system or if the system had become the victim of an SQL injection attack.