"For the second time this month, Microsoft has shipped a security bulletin with patches for a ?critical? Vista vulnerability that puts millions of users at risk of code execution attacks."

" ? is one of five bulletins released in Microsoft?s scheduled batch of patches for April. Four of the five are rated ?critical,? Microsoft?s highest severity rating."

"The five bulletins contain fixes for a total of 8 vulnerabilities affecting multiple versions of Windows and the Microsoft Content Management Server."

"The total patch count for April stands at 15, including the flaws covered in last week?s "

"The remote code execution flaw that dinged Vista is an error in the way the Windows Client/Server Run-time Subsystem (CSRSS) process handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution."

"In all, the MS07-021 update fixes three different CSRSS bugs, all affecting Vista. However, only one of the three is rated critical across the board. The risk from the other two are limited toprivilege escalation and denial-of-service conditions."

" ? Fixes two flaws in Microsoft?s Content Management Server, a product that allows customers to build, deploy, and maintain Web sites. One is a remote code execution vulnerability in the way HTTP requests are handled and the second bug could cause spooofing
... read the whole article