Microsoft Patchday – 8 vulnerabilities fixed
On March 2010 Patch Tuesday, Microsoft released just two security bulletins. One is about 7 flaws in Microsoft Excel, which affect all supported versions of the software – including the format converters and MS Office for Mac. The other one deals with a important rated issue within Windows Movie Maker and Microsoft Producer 2003. The vulnerabilities are only rated important, as users must open specially prepared files to get infected with malware.
For Microsoft Producer 2003 no update is available yet. According to a security advisory by Core Security, by avoiding opening or removing the file associations for Movie Maker .MSWMM and/or Microsoft Producer 2003 .MSProducer, .MSProducerZ, and .MSProducerBF files systems can be protected. Windows Live Movie Maker which is a downloadable version for Windows 7 is reportedly not affected by this issue.
As Microsoft expects exploits for these vulnerabilities to appear very soon on the net, it is recommended to install the provided updates ASAP.
One new vulnerability in Internet Explorer 6 and 7 is investigated by Microsoft currently. No patch to fix the security hole is available yet. Just by visiting a malicious web site the computer could get compromised. As workaround, use a different browser or update to Internet Explorer 8 which allegedly is not affected by the critical flaw.
Dirk Knop
Technical Editor