Microsoft Security Updates for July 2004

Microsoft? released seven Windows security updates this afternoon. Two of the updates have been identified as critical security patches (MS04-022 and MS04-023). It is recommended that the Microsoft updates be applied to the applicable Windows operating systems.

MS04-022 corrects a security vulnerability in the task scheduler function of computers using Windows 2000, Windows XP and, possibly, Windows NT.

MS04-023 corrects a security vulnerability in the help function of Internet Explorer. Computers using Windows 98, ME, Windows 2000, Windows XP and Windows Server 2003 are susceptible to this vulnerability. However, Microsoft reportedly will release Windows 98 and ME security patches for this vulnerability at a later date.

Both vulnerabilities could permit an unauthorized individual to be able to remotely control a Windows computer that lacks the critical security patch.

Other significant security updates:

MS04-024, Vulnerability in Windows Shell, Windows NT, 2000, XP, Server 2003

MS04-021, Security Update for IIS 4.0, Windows NT 4.0

MS04-020, Vulnerability in POSIX Could Allow Code Execution, Windows NT and 2000

MS04-019, Vulnerability in Utility Manager Could Allow Code Execution, Windows 2000

MS04-018, Cumulative Security Update, Outlook Express, Windows NT, 2000, XP, 2003 Server

Additional information: http://www.microsoft.com/security/bulletins/200407_windows.mspx.