You are here: silicon.com > Software > Security Strategy

Security Strategy

Microsoft finds another "critical" Windows flaw

But will it spawn another worm?

Tags: flaw, windows, microsoft

By Joris Evers

Published: 9 September 2005 08:15 GMT

As part of its monthly patching cycle, Microsoft on Tuesday plans to release one security alert for flaws in the Windows operating system.

The security bulletin is deemed "critical", Microsoft's highest risk rating, the company said in a notice posted on its website on Thursday. Last month's "Patch Tuesday" also included a critical alert for Windows flaws. One of the flaws was exploited days later by the Zotob worm that wreaked havoc on Windows 2000 systems worldwide.

Microsoft's Thursday notice did not specify whether one of the patches will be for Internet Explorer. Over the last few weeks, several security researchers have come forward with flaws in the web browser. Some of these vulnerabilities could let an attacker gain control of a user's PC.

There are several unpatched vulnerabilities in IE 6, according to Secunia. The security monitoring company has issued 85 alerts on the web browser since 2003; 19 of those security bugs remain unpatched, according to Secunia's website.

In addition to the Windows security fixes, Microsoft on Tuesday plans to release an update for Windows that it deems high priority but is not security related, the company said. Furthermore, an updated version of the Windows Malicious Software Removal Tool will be released. The tool detects and removes malicious code placed on computers.

Microsoft gave no further information on Thursday's bulletins, other than stating that some of the Windows fixes may require restarting the computer.

The Redmond, Washington, software giant provides information in advance of its monthly patch release day, which is every second Tuesday of the month, so people can prepare to install the patches. In August, Microsoft released six security bulletins, including three deemed "critical" for Windows.

Microsoft rates as critical any security threat that could allow a malicious internet worm to spread without any action required on the part of the user.

Microsoft said it will host a webcast about the new fixes on Wednesday at 11:00(PDT).

Joris Evers writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


  • Jobs
3 rd line Wintel Support Engineer - Central London

Your responsibilities will include; Proactive Server Maintenance through monitoring and patch management and deployment Installation, configuration ...

Oracle DBA - Database Administrator-Leeds

Assists in the design, coding, testing and implementation of databases, ensuring the latest patches and hot fixes are installed in accordance with ...

Technical Analyst - SMS, SCCM, WSUS - Patch & Release

The role will involve the assessment of vulnerabilities, patch testing and application deployment via remote systems such as SMS/SCCM, WSUS and ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: