IT administrators should plan for a very busy Patch Tuesday.
Microsoft said on its TechNet site that it expects to issue 13 security bulletins Tuesday, some of them for critical security holes in Windows Media Player,
The software giant won't reveal full details of vulnerabilities to be patched until Tuesday afternoon. But Thursday it revealed that its patch release will address:
- "Moderate" security holes affecting SharePoint Services and Office;
- "Important" vulnerabilities in the .NET Framework;
- One or more "critical" vulnerabilities affecting Microsoft Office and Visual Studio; and
- One or more "critical" flaws in Windows, Windows Media Player and MSN Messenger.
Several media reports in the past month have mentioned vulnerabilities in Media Player. And Thursday several antivirus firms reported the appearance of two pieces of malicious code targeting MSN Messenger.
PandaLabs of Glendale, Calif., was among those issuing an alert for Bropia-E and Gaobot-CTX, which displays a photo of a roast chicken with a bikini tan in its messages.
Bropia-E uses MSN Messenger to spread, disguising itself as an image file with a variable name "taken from a long list of options and a .pif or .scr extension," PandaLabs said. Examples include "bedroom-thongs.pif," "LMAO.pif" or "LOL.scr."
If the user runs the file, the sinister code sends itself out to all the contacts in MSN Messenger and creates various files on the computer, including one called "winhost.exe," which contains Gaobot-CTX.
Gaobot-CTX carries out the actions that pose the biggest threat to the computer, connecting to IRC channels and waiting for commands from a remote user, PandaLabs said. This allows the attacker to download "all kinds of files to the affected computer: spyware, adware, other viruses, etc."