Microsoft Releases Three Updates for Eight Vulnerabilities ; Will These Stop The Antivirus XP/Vista/360 Outbreak??

During "patch Tuesday" Microsoft released three patches for a total of eight vulnerabilities; one of which is "critical" and the other two are "important". The patches are to fix the following:

MS09-006 ("critical") resolves a vulnerability in the Windows kernel for systems using Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The flaw could allow remote code execution if a user views a maliciously crafted EMF or WMF image file. This addresses vulnerabilities by validating input passed from user mode through the kernel component of GDI, correcting the way that the kernel validates handles, and changing the way that the Windows kernel handles specially crafted invalid pointers.

MS09-007 ("important") addresses a vulnerability in the Secure Channel (SChannel) security package in Windows. If exploited, it could allow spoofing, provided the attacker gains access to an end-user authentication certificate. This is for systems using Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. This addresses the vulnerability by modifying the way that the server parses key exchange data during the TLS handshake.

MS09-008 ("important") fixes vulnerabilities in the Windows DNS server and Windows WINS server. If exploited, these vulnerabilities could allow network traffic hijacking. This is for systems running Windows 2000 Server, Windows Server 2003, and Windows Server 2008. The security update addresses the vulnerabilities by correcting the way that Windows DNS servers cache and validate queries, and by modifying the way that Windows DNS servers and Windows WINS servers handle WPAD and ISATAP registration.

As of yet, Microsoft has not released a patch for the vulnerability discovered in Excel files which allow for malware to infect a computer through the Excel vulnerability. This may become more of an issue since it's tax season and more people are using Excel more frequently.

We are wondering if any of these updates will address the ways in which computers are currently being infected with the Antivirus XP/Vista/360 malware. The malware is being rapidly spread through corrupted/infected FLASH banner ads placed on websites and it sets up browser redirecting as well. We will be exploring this more by running some test computers and purposely visiting sites we know are infecting computers at this time. We will keep you posted!