Microsoft has promised a patch for the contentious XP Windows Help hole among its July Patch Tuesday fixes. Patch Tuesday is coming next week, July 13. The company will issue four patches that fix a total of five holes, with three patches rated critical.
Among the critical updates will be a fix for the XP Windows Help hole discovered by Tavis Ormandy that has caused everyone so much grief. In June, Microsoft accused Ormandy, a Google security researcher, of putting Windows customers at risk of "broad attacks" by publishing code that exploits a zero-day vulnerability. Ormandy reportedly discovered this hole on his own time and not as part of his day job. Microsoft said that he gave the company less than five days' notice between disclosing the hole and publishing proof-of-concept attack code. Microsoft then proceeded to document and publicize the attacks it found in the wild that exploited the hole, via a blog post on the Microsoft Malware Protection Center.
The folks in Redmond say that at least 10,000 computers reported seeing the attack between June 15 and June 30.
Users were livid at Ormandy. But a group of rogue security researchers was just as enraged at Microsoft for what they perceived to be a public spanking of a researcher working on his own time because Microsoft is a rival of the researcher's employer, Google. The group this week vowed that they would publicize any Windows vulnerabilities they find, rather than report them quietly to Microsoft. It's a sad day when the white hats become indistinguishable from the black hats.
In any case, XP users (and Windows Server 2003 users, also affected) will get a patch for the hole on Tuesday, Microsoft says.
Of the four patches Microsoft will be releasing, two are for Windows; both are rated critical and will likely require a restart. The Windows 7 and Windows Server 2008 patch fixes a vulnerability in the canonical display driver that could allow remote code execution. It was first reported on May 18. Server Core installations of Windows Server are not affected.
Two critical patches will be geared for Office and also may require a restart.
Here are the details of the software that will be affected, according to Microsoft.
Bulletin 1
Affected Software:
- Windows XP Service Pack 2 and Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
Impact: Remote Code Execution
Bulletin 2
Affected Software:
- Windows 7 for x64-based Systems
- Windows Embedded Standard 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation not affected)
Impact: Remote Code Execution
Bulletin 3
Affected Software:
- Microsoft Office Access 2003 Service Pack 3
- Microsoft Office Access 2007 Service Pack 1 and Microsoft Office Access 2007 Service Pack 2
Impact: Remote Code Execution
Important Security Bulletins
============================
Bulletin 4
Affected Software:
- Microsoft Office Outlook 2002 Service Pack 3
- Microsoft Office Outlook 2003 Service Pack 3
- Microsoft Office Outlook 2007 Service Pack 1 and Microsoft Office Outlook 2007 Service Pack 2
Impact: Remote Code Execution
Julie Bort is the editor of Microsoft Subnet and Network World's Online Community Editor. She also writes the Open Source Subnet blog and is the editor responsible for the Cisco Subnet and Open Source Subnet web sites. If you have an idea for a blog, or a news tip on Microsoft, Cisco or Open Source technologies, contact her at jbort@nww.com, 970-482-6454 or follow Julie on Twitter @Julie188.