Greetings,

Microsoft and Oracle again released their patches together this week.

Microsoft published three critical and three important patches, including a currently exploited Microsoft Video ActiveX Control, the Embedded OpenType Font Engine and Microsoft DirectShow.

Active exploitation of Microsoft Office Web Components was reported on Monday.

A heads-up for any network admins who might have missed it, the ISC DHCP is vulnerable to a remote attack without user interaction. A rogue DHCP server could execute code with root privileges on the affected client machine.

Mozilla has released Firefox 3.5.1, now available for download to correct a code execution vulnerability.

Regards,

Patrick