We have received confirmation that the patch has been released by Apple to fix the SMS vulnerability in the iPhone OS.  It looks like the patch has to be downloaded from Apple iTunes.  From the Installation notes:

” iTunes will automatically check Apple’s update server on its weekly
schedule. When an update is detected, it will download it. When the
iPhone is docked, iTunes will present the user with the option to
install the update. We recommend applying the update immediately if
possible. Selecting “don’t install” will present the option the next
time you connect your iPhone.”

support.apple.com/kb/HT1222

The information indicates that it may take up to a week for the automatic update process to pick up the patch. They indicate that you can obtain the update manually via the “Check for Update” button in iTunes.  For more information see Apple’s support site.

Microsoft has released two out-of-band security bulletins. The first bulletin, MS09-034, is a cumulative security update for Internet Explorer that addresses several vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code. The second bulletin, MS09-035, addresses vulnerabilities in the Visual Studio Active Template Library (ATL). Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

Additionally, Microsoft has released security advisory 973882 to provide specific guidance for developers, IT professionals, consumers, and home users regarding the vulnerabilities in Active Template Library (ATL).

Network Logix encourages users and administrators to review Microsoft Security Bulletins MS09-034 and MS09-035 and Microsoft Security Advisory 973882 and apply any necessary updates or workarounds to help mitigate the risks.

To our ProCare Managed Office clients: Our network engineers are currently reviewing these updates, and will schedule these updates to automatically be pushed out to all workstations later this week.  For questions, please use the Feedback button to the left.

Microsoft has issued a Security Bulletin Advance Notification indicating that the July release cycle will contain six bulletins, three of which will have a severity rating of critical. The notification states that these critical bulletins are for Microsoft Windows. There will also be three important bulletins for Microsoft Office, Virtual PC and Virtual Server, and ISA Server. Release of these bulletins is scheduled for Tuesday, July 14.

Network Logix will provide additional information as it becomes available.

Network Logix will be pushing out a Microsoft Security Patch for Video ActiveX Controls this Saturday July 11, 2009  to all of our managed service clients.

For more information please see the following Microsoft Bulletin: http://support.microsoft.com/kb/972890.

TO OUR CLIENTS: Please make sure that all workstations and laptops are left on and connected to the Internet so that our engineers may complete the update.  Thank you.