MS Patch Tuesday for July

Microsoft just released their latest patches for the month of July:

http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx

- Vulnerability in Microsoft Word Could Allow Remote Code Execution (903672)
- Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)
- Vulnerability in JView Profiler Could Allow Remote Code Execution (903235)

Summary:

If you're using a fresh copy of Windows XP SP1a or newer along with Office 2003, you're pretty much ok. It's older versions of Office or apps that use Microsoft's Java Virtual Machine that seem to have the issues. The more intriguing issue is the the potential use of an ICC file that could be used to dupe a web surfer into giving unwanted access to a person's machine. It seems that some script kiddy is working overtime to uncover the least used facets of the Windows OS and exploiting them.

Recommendation:

Patch away!