Microsoft plans to issue four security vulnerabilities on Tuesday, May 13, three critical and one of moderate threat level. This is the first patch since the release of Windows XP Service Pack 3 but there will not be any fixes related to the Service Pack, despite some hiccupsreported by users.
The critical flaws affect Microsoft Office, Microsoft Word, and Microsoft Windows respectively. The most severe and widest impact appears to be in Windows, specifically, in the Jet 4.0 Database Engine.
The Security Advisory saying that it was "investigating new public reports of very limited, targeted attacks using a vulnerability in the Microsoft Jet Database Engine that can be exploited through Microsoft Word."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iA number of applications use the Jet Database Engine, including Microsoft Access, Microsoft Visual Basic, and Internet Information Services (IIS) applications. Security firm Lumension is advising making the fix to Jet a priority.
Jet exploit could have widest impact
"The Jet bulletin is the critical patch that will have the widest impact because it affects Windows XP, Windows 2000 and Windows Server 2003," wrote Don Leatham, director of solutions and strategy, in a press statement. "When prioritizing this month's patches, this will probably get the most attention because of the number of organizations running these systems and programs."