Microsoft released 11 new security patches for Windows, 6 of them rated as critical.
The 6 critical software updates patch vulnerabilities in WebDAV, OLE Automation, Microsoft Word and Office Publisher. All of them could allow remote execution, according to Microsoft. The company also released a critical patch for Internet Explorer.
The rest of the patches are rated as important and cover vulnerabilities in Active Directory, TCP/IP, IIS and Microsoft Works File Converter.
For additional information and downloads, visit http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx
Windows Vista SP1 Non-Security Update
Microsoft will also release today a non-security update, scheduled for distribution via Windows Update. The update KB947172, a Cumulative Update for Media Center for Windows Vista, addresses an issue introduced by KB941229 where, when watching live digital TV on an Xbox 360, changing channels may freeze the UI. This update is included in Windows Vista SP1.
Speaking of Windows Vista SP1, the final two of three prerequisite updates needed to install Windows Vista SP1 will also be hitting Windows Update. KB937287 which is the servicing stack update and KB938371 which is a multi-component update are both required before installing Windows Vista SP1. KB938371 will not be offered to Windows Vista Enterprise and Windows Vista Ultimate systems until KB935509, the first prerequisite in the series of three, has been installed. Both of the Windows Vista SP1 prerequisites are marked "Important" and will install automatically if Window Updates are set to the recommended configuration.