All holes not patched in Microsoft June Patch

Microsofts June patch fixed Five security vulnerabilities that affected Windows, Internet Explorer and Office. However, a security flaw that we reported about last week, remains unpatched as it is being circulated around the net.

The Security patch for Office 2003 SP3 closes a hole that attackers are already using. Another critical update is the cumulative patch for Internet Explorer, which fixes a total of 19 security holes in all versions of IE that can lead to malware infections when browsing the internet.

The privilege escalation hole is not the one for which an exploit has been in circulation since early June. The hole has been known since mid-May. It was discovered by Google security researcher Tavis Ormandy, who publicly disclosed it without prior warning. Ormandy released an exploit on the internet a few weeks later. According to currently available information, all versions of Windows are affected.