
Just another Patchy Tuesday...
By Joris Evers
Published: 10 November 2006 09:00 GMT
Microsoft plans to issue six security bulletins on Tuesday, including at least one with a fix for a security vulnerability that is actively being used in cyber attacks.
As part of its monthly patching cycle, Microsoft will release a bulletin with a "critical" fix for a security hole in its XML Core Services software, the company said in a note on its website. The vulnerability is a so-called zero-day flaw that's already being exploited for attacks.
The other five security bulletins will deliver updates for Windows, some of which will be rated "critical", Microsoft said. Security companies are tracking several flaws in the operating system and in its web browser component, Internet Explorer, that have yet to be put right.
Got two seconds?
Make your voice heard - take our latest poll.
Microsoft did not specify how many vulnerabilities in total its security updates will tackle, or say which components of Windows are being repaired. Additionally, the company appears to have no patch ready for a flaw in Visual Studio 2005, which is also already being used in attacks.
Last month, the software maker delivered 10 security bulletins, six of which were deemed "critical", the company's most serious risk rating. Critical vulnerabilities typically can allow a worm to spread or allow a Windows system to be fully compromised with minor or no interaction from the person using it.
Also on Tuesday, Microsoft will release an updated version of its Windows Malicious Software Removal Tool. The program detects and removes common malicious code placed on computers.
The software behemoth gave no further information on the upcoming bulletins, other than stating the fixes may require restarting the computer or server.
Joris Evers writes for CNET News.com
Microsoft fixes faulty IE patch
Alert over "extremely critical" Word flaw
"Critical" Office update on the way
Attack code alert over unpatched IE flaw
Security group issues emergency IE patch
Redmond working "non-stop" on IE patch
Attackers 'making hay with Windows flaw'
Title: Web Applications Vulnerability Tester / Penetration Tester Salary: market rates but probably 40k to 60k Company: online / ecommerce company ...
Vulnerability Management Specialist role requirements: Performing regular and on demand vulnerability scanning of enterprise IT assets to ensure that ...
Candidates must have thorough experience of web application penetration testing which include both knowledge and experience in Man in the Middle ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy