Date: 17 July 2009
Click here for printable version
Microsoft and Oracle again released their patches together this week.
Microsoft published three critical and three important patches, including a currently exploited Microsoft Video ActiveX Control, the Embedded OpenType Font Engine and Microsoft DirectShow.
Active exploitation of Microsoft Office Web Components was reported on Monday.
A heads-up for any network admins who might have missed it, the ISC DHCP is vulnerable to a remote attack without user interaction. A rogue DHCP server could execute code with root privileges on the affected client machine.
Mozilla has released Firefox 3.5.1, now available for download to correct a code execution vulnerability.