That particular bug, which was exploited quickly by criminals, affected the Windows Help and Support Center. Another two updates cover laws in the Microsoft Access ActiveX component and the CDD display driver foe Windows Server 2008 R2 and Windows 7. Overall, the Patch Tuesday load was about the norm.
"The most interesting vulnerability for the enterprise is MS10-045, which lets an attacker use a specially-crafted UNC path in an Outlook attachment to bypass Outlook’s warning about opening potentially malicious attachments," Tyler Reguly, senior security engineer at security firm nCircle, said.
"This is significant because Operation Aurora and other high profile email based attacks over the last year have proven to be highly successful."
To continue receiving updates, Windows XP SP2 desktops will need to be updated to SP3.
Written by: James Delahunty @ 15 Jul 2010 2:29