Member Sign In
Not a member?

A Wired.com user account lets you create, edit and comment on Webmonkey articles. You will also be able to contribute to the Wired How-To Wiki and comment on news stories at Wired.com.


It's fast and free.

Sign in with OpenID
Sign In
Webmonkey is a property of Wired Digital.
processing...
Join Webmonkey
Please send me occasional e-mail updates about new features and special offers from Wired/Webmonkey.
Yes No
Please send occasional e-mail offers from Wired/Webmonkey affiliated web sites and publications, and carefully selected companies.
Yes No
I understand and agree that registration on or use of this site constitutes agreement to Webmonkey's User Agreement and Privacy Policy.
Webmonkey is a property of Wired Digital.
processing...

Retrieve Sign In

Please enter your e-mail address or username below. Your username and password will be sent to the e-mail address you provided us.

or
Webmonkey is a property of Wired Digital.
processing...

Welcome to Webmonkey

A private profile page has been created for you.
As a member of Webmonkey, you can now:
  • edit articles
  • add to the code library
  • design and write a tutorial
  • comment on any Webmonkey article
Close
Webmonkey is a property of Wired Digital.

Sign In Information Sent

An e-mail has been sent to the e-mail address registered in this account.
If you cannot find it in your in-box, please check your bulk or junk folders.
Sign In
Webmonkey is a property of Wired Digital.

Microsoft Patches First Vista-only Security Flaw

By Scott Gilbertson June 13, 2007 Categories: Operating Systems, Web Basics

Winvista_v_thumb_9Yesterday was Microsoft’s patch Tuesday and the company issued a number of security updates for both Windows Vista, XP and 2000 users. June’s release contains 6 new bulletins, 4 of which are listed as critical.

Together the six patches fix fifteen vulnerabilities found in a variety of Windows programs including Internet Explorer, Outlook Express, Windows Mail and, for the first time, a flaw unique to Windows Vista.

While previous patches have been issued for Vista, yesterday’s release marks the first time Microsoft has had to patch a flaw introduced by code in Vista. Pervious Vista patches applied to problems with legacy code. The MS07-032 update applies to Vista systems only and addresses a vulnerability in setting Access Control Lists, which could allow “information disclosure,” as the Microsoft advisory puts it.

Perhaps the most serious flaw in June’s batch of patches is a fix for a critical flaw in the SSL libraries used by Windows, which can be exploited via IE. The SSL vulnerability also affects non-Microsoft browsers like Firefox and Opera which call the SSL libraries included in the OS.

To update your system turn on the automatic update feature or head to the Microsoft Update site and downloading the patches by hand.

Tags: Vista
Post Comment Comments Permalink Print
Reddit Digg