Microsoft to issue critical fixes for Windows XP, Windows Server 2003

Article

Microsoft to issue critical fixes for Windows XP, Windows Server 2003

Microsoft said it would release three critical updates next week and one moderate update to repair flaws in Office applications and Windows as part of its monthly patch Tuesday update.

In the Microsoft advance patch notice,

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

the software maker said the security updates plug holes in Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows Server 2003 Service Pack 1, Windows Server 2003 x64 Edition, and Windows Server 2003 with SP1 for Itanium-based Systems.

Microsoft security news:
Microsoft releases April trove of patches: Windows, Office and IE all have patches deemed "critical" by Microsoft this month.

Inside MSRC: Microsoft gives guidance on security updates Microsoft's Bill Sisk takes the reader through the software giant's April 2008 security bulletins.

Microsoft's Mundie: Let's talk privacy Craig Mundie, Microsoft's chief research and strategy officer said industry must work together to address privacy and security challenges on the Internet.

The issue is with Microsoft's Jet 4.0 Database Engine, which could be exploited by an attacker remotely to gain access to a system.

A critical flaw in Microsoft Word 2000 Service Pack 3 could be exploited by an attacker to gain access remotely.

Important updates affect Microsoft Office 2004 and 2008 for Mac, Microsoft Outlook 2007 and Microsoft Word 2002, 2003 and 2007. Also affected is Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.

Bill Sisk, the response communication manager for the Microsoft Security Response Center (MSRC), said the advance bulletin is preliminary information, and is subject to change.

"These updates may require a restart and will be detectable using the newly released version of the Microsoft Baseline Security Analyzer," he said in the Microsoft Security Response Center Blog.

The software giant will also release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center, and host a Security Bulletin Webcast so customers can ask questions about the latest fixes.

Last month, Microsoft released five critical and three important vulnerabilities. The critical flaws left users open to remote code executions, and affected Office Project, Windows vis-à-vis Graphics Device Interface (GDI), VBScript and JScript scripting engines, and Internet Explorer.