3 Critical Microsoft Updates, 1 Important, 1 Moderate and 1 re-released
Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch… Sans has a good writeup (7 CVE issues addressed by this 1 patch….) Also the Eolas ActiveX settlement (“Eolas Patent Patch”) solution seems to be included in this bundle. Also a MDAC and a Windows Explorer (not to be confused with the Internet Explorer) patch. (The Windows Explorer AND MDAC bugs are Remote code execution vulnerabilities…)
The Outlook Express update seems to be an issue with the handling of .wab address book files… (Remote code execution vulnerability.)
And finally there is the Frontpage Server Extension vulnerability that is summed up thusly…. “A remote code execution exists in FrontPage Server Extensions (FPSE) or Sharepoint Team Services (STS) which could allow an attacker to run client-side scripts on behalf of an FPSE user.”
So it looks like a remote code execution theme of the day…. get patching.
Another good summary of the patches (and their effect..) is over at The security fix