Today’s Patch Tuesday from Microsoft comes with 9 security advisories, 5 of which are tagged as critical, 4 as important. Collectively, 19 flaws are addressed in these advisories, 15 of which are critical. This set of advisories also includes the bulletin that addresses the previously exploited Microsoft Office Web Components bug.
The critical advisories include patches for vulnerabilities in Microsoft Office Web Components (MS09-043), Remote Desktop Connection (MS09-044), Internet Name Service (MS09-039), Windows Media File Processing (MS09-038), and Active Template library (MS09-037).
Details about these vulnerabilities can be found at our Security Advisory for the August 2009 Patch Tuesday at the Threat Encyclopedia. The Microsoft blog says that five of the six critical patches are rated “1” in their Exploitability Index. They are thus expecting there to be some in-the-wild exploits targeting these within 30 days from now.
Again, this is a reminder to make sure that all your applications and operating systems are up to date with the latest patches. Software vendors issue these patches to prevent cybercriminals from exploiting these vulnerabilities. Update now.
Trend Micro OfficeScan users with Intrusion Defense Firewall plugin installed should apply today’s update for the latest filters (IDF09024). This version contains protection from attacks exploiting the above and other vulnerabilities.