February's update fixes several 'critical' flaws
Published: 9 February 2005 09:40 GMT
Microsoft on Tuesday released a higher-than-usual number of monthly updates, more than half of which were given the software company's highest rating of "critical".
The software giant announced a dozen updates, eight of which were given its highest severity rating. Microsoft's Office XP, Internet Explorer 6 and an image file component of the Windows operating system for Media Player and MSN Messenger were among the updates dubbed critical.
Vincent Gullotto, vice president of the antivirus emergency response team for security specialist McAfee: "This is their second-largest bulletin release since they started doing these monthly updates, except for the 24 bulletins they released last year. But it's common to see this kind of ratio of critical bulletins."
Among the patches is a significant cumulative fix to resolve some of the underlying vulnerabilities of IE that have already been made public. Microsoft said those flaws have not yet been widely exploited.
Stephen Toulouse, a Microsoft security programme manager: "There is public exploit code out there for some of the IE vulnerabilities we are patching, but we have not heard of any widespread attacks."
The update for IE is designed to address vulnerabilities such as an attacker taking control of a system and installing programs; changing, deleting or viewing data; or creating new accounts with full user rights.
IE 6 with Service Pack 1 running on systems featuring Windows XP, with or without Service Pack 1, or Windows 2000 with Service Pack 4 or 3, are affected by this vulnerability.
The scheduled updates come as Microsoft announced plans to acquire security software developer Sybari Software and as it enters its fourth year of its Trustworthy Computing initiative to make its applications more reliable.
The latest flaws add to the many security headaches for businesses. One analyst urged consumers to automatically patch their systems to avoid such exploits but said that for businesses, it's not so easy.
Mark Nicolett, a Gartner analyst, said: "If I was John Doe consumer, I would have my auto-update turned on so it automatically installs the Microsoft updates. But for a corporation, it's not quite so simple. You have to do some level of quality control testing to make sure you're not affecting some of the applications you need to run for business."
Dawn Kawamoto writes for CNET News.com.
Researcher in Computational Finance - Cyprus - relocation pack You will be a Senior researcher with at least 5 years experience in statarb ...
A Leading Fixed income business that is part of a growing city based boutique investment bank is looking for a Senior Java developer to join their ...
MS Exchange/Windows XP Technical Support - Birmingham, West Midlands. My client is looking to add a Technology Officer to there current IT set up. ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy