Microsoft’s “Black” Patch Tuesday

A new year and a new set of Microsoft security updates no thanks to another fun installment of Microsoft “Patch Tuesday.” This month we see Microsoft offering an “important” fix for a multilingual version of Office 2003, a critical Outlook patch, a critical Excel patch and lastly, a critical vector markup language patch.

The following is a list of what new goodies our faithful friend, Microsoft, has removed from their big bag of presents:

MS07-001: Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution.
KB Number: 921585
Severity: Important

MS07-002: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution.
KB Number: 927198
Severity: Critical

MS07-003: Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution.
KB Number: 925938
Severity: Critical

MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution.
KB Number: 929969
Severity: Critical

I highly recomment that these patches be installed once they have been delivered to you via Microsoft’s automatic update service. If, for whatever reason, you do not see them show up anytime soon then I strongly recommend that you force-check for new updates. Once prompted to install these security patches then do so immediately.

What will February have in store for Windows users across the world? Only time will tell!

Wordpress Unspecified Vulnerability

Secunia is reporting that an unspecified vulnerability has been found in Wordpress. This, along with a user account enumeration weakness, is the latest security issue to affect the highly popular open-source blogging platform.

The unspecified vulnerability affects all versions prior to 2.0.6 whereas the user account enumeration weakness has been confirmed to only affect 2.0.5. Other releases may be affected but have yet to be validated.

In order to mitigate these issues it is highly recommended that users upgrade to Wordpress 2.0.6. It is always recommended to upgrade when critical security issues are located in products that are currently in use.