Bugs and fixes: grab an essential fix for IE

With critical updates from Adobe, Foxit, and Mozilla joining a bevy of essential patches for Internet Explorer and Office, the fixes are running hot this summer.

After an ebb of only one patch in Microsoft's previous regular cycle, the flow resumed in force as Microsoft plugged 31 vulnerabilities. The most important update fixes flaws that could allow an attacker to take over your PC or steal data if you view a poisoned Web page. Collectively, the patches are critical for IE 5 on Windows 2000, IE 6 on Windows XP, and IE 7 on Windows XP and Vista. It's bad news for IE 8 as well, on both XP and Vista. IE 8 on the latest Windows 7 release candidate isn't affected. Run Windows Update to pick up the patch.

Office Fixes

Two other patches close holes that could allow tainted Word or Excel files to trigger an attack. Office 2000 is most vulnerable, as the hole could permit an attacker to run any command. The flaws are rated important for Office XP, 2003, and 2007, as well as for Office for Mac (2004 and 2008). Run Windows Update to get the fix.

A similar fix for Microsoft Works files and converters is critical for Office 2000, important for Office XP, 2003, and 2007, and important for Microsoft Works 8.5 and 9.

Windows 2000 users should nab a critical patch for three bugs in Windows Print Spooler that Internet attackers could hit if the PC isn't protected by a firewall. A successful attack could take over a Windows 2000 PC, but the threat is a bit less dangerous (rated moderate or important) for other versions of Windows.

A number of other Microsoft patches correct less-important holes; none of them would allow attackers to have their way with your PC. That said, make sure you have them all by running Windows Update.

Shockwave, Reader Updates

Adobe shored up its Shockwave Player with a must-have fix. Without it, if you have Shockwave 11.5.0.596 or earlier, visiting a site with a rigged Adobe Director file could allow a "remote code execution" that puts an attacker in command of your PC. Adobe recommends manually uninstalling the older version and installing the latest Shockwave Player. That isn't exactly convenient, but it beats the heck out of a malware infection.

You'll have a somewhat easier time snagging updates for Adobe's beleaguered Reader and Acrobat. The critical Reader and Acrobat update, to 9.1.2 (or to 8.1.6 or 7.1.3 for older versions), closes holes that could permit a takeover if you open a poisoned PDF file. Click Help, Check for updates to make sure you have the latest version, which is available for Windows, Macintosh, and Unix.

Foxy Upgrades

Users of the Foxit Reader PDF app don't get a free pass, either. To avoid triggering an attack when opening a malicious file, it needs fixes for the 3.0 base program and the JPEG2000/JBIG2 Decoder add-on (if present). Click Help, About Foxit Reader; if you don't have at least version 3.0 build 1817, download the latest Foxit version. Run Help, Check for updates to see if you have the latest JBIG2 add-on. (The update check unfortunately doesn't update older Foxit base software, but it will nab add-on updates.)

Finally, Mozilla released Firefox 3.5 at the end of June. If you haven't installed that browser yet, at least get the latest version 3.0 update. The fix addresses four critical bugs in JavaScript handling. Of those, two also affect the Thunderbird e-mail app and three affect the SeaMonkey suite; click Help, Check for Updates to see if you have at least Firefox 3.0.11, Thunderbird 2.0.0.22, or SeaMonkey 1.1.17.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags security

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Erik Larkin

PC World (US online)
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?