HOTFIXES

Revised: 08.05.2009

MS09-034 (972260) [Updated: 7/30/2009]
Apply this Internet Explorer patch today

This week, Microsoft released security bulletin MS09-034 without waiting for the next scheduled Patch Tuesday on Aug. 11. According to the Redmond company, this patch is rated "Critical" for IE 6/7/8 on XP and IE 7/8 on Vista. (While the Windows 7 release to manufacturing (RTM) version is unaffected by the problem, the Windows 7 release candidate does requiring patching.)
On the other hand, if you haven't yet applied the MS09-032 update, installing this week's out-of-cycle patch means you don't have to install the previous one.

Affected: Everyone

MS09-035 (969706) [Updated: 7/30/2009]
Apps developed using ATL may be insecure

Hearing of a new patch for Internet Explorer, most of us would sigh, launch Firefox, and simply go on with our lives, thinking we are unaffected. The problem announced this week, however, involves more than just IE.

The vulnerable ActiveX control present in Visual Studio's Active Template Library (ATL) is used in many third-party applications. So security bulletin MS09-035 may be the more important of this week's two out-of-cycle updates.

Affected: Developers

MS08-067 (958644) [Updated: 3/30/2009]
Vulnerability in Server Service Could Allow Remote Code Execution (958644)

The Conficker worm can infect vulnerable computers merely by connecting to them remotely via the Internet. For this reason, you should first try to patch Windows before removing Conficker, lest your machine quickly become infected again. It's particularly important to install Microsoft patch 958644 (security bulletin MS08-067 and MS06-040). This patch closes a hole in Windows' Remote Procedure Call, which Conficker exploits. Hearing of a new patch for Internet Explorer, most of us would sigh, launch Firefox, and simply go on with our lives, thinking we are unaffected. The problem announced this week, however, involves more than just IE.

Affected: Everyone