Since the end of March eEye Digital Security has discovered no less than nine vulnerabilities in Microsoft products, two in RealNetworks products, and one in Macromedia products. No patches are publicly available for any of these these problems.
Several of the vulnerabilities pertain to Internet Explorer and Outlook, the latest of which was reported on September 1. All of those vulnerabilities are considered to be high risks because they allow remote code execution. Other vulnerabilities pertain to Microsoft operating systems include Windows Server 2003, Windows XP, Windows 2000, and Windows NT. eEye considers all of the Microsoft-related vulnerabilities high risk (except one which is rated medium risk) because they each allow remote code execution.
The vulnerability in unnamed Macromedia products as well as the two vulnerabilities RealNetworks RealPlayer are also high risk issues that allow either arbitrary code execution or remote code execution.
While eEye does public a list of "upcoming advisories" the company doesn't publicly release details of vulnerabilities until vendors issue corresponding patches. Microsoft also remains quiet about details, however sometimes the company will issue advisories that might contain details about potential impacts as well as workaround information, particularly when too much vulnerability detail has been released to the public before patches are available.
Microsoft regularly releases security bulletins on the second Tuesday of each month. The next release is slated for September 12
