Article

Microsoft to patch critical Windows flaw

SearchSecurity.com Staff

Microsoft plans to release two security updates Tuesday, including one critical patch for a remote code execution flaw affecting Microsoft Windows and Office.

Both vulnerabilities can be exploited by an attacker remotely to gain access to critical files, Microsoft said in its advance notification.

    Requires Free Membership to View

The critical flaw is in XML Core Services and affects versions of Windows 2000, Windows XP, Windows Vista and Windows Server 2003 and 2008.

A flaw, also in XML Core Services, is rated important and affects Microsoft Office 2003 Service Pack 3, Word Viewer 2003 Service Pack 3 and Microsoft Office Compatibility Pack for Word, Excel and PowerPoint 2007 file formats.

Microsoft assigns the critical rating to flaws that can be exploited by a malware attack without user action. The important rating goes to flaws whose exploitation could result in compromise of the confidentiality, integrity or availability of users data, or of the integrity or availability of processing resources.

The software maker is also planning to release non-security, high-priority updates on Microsoft Update, Windows Update and Windows Server Update Services (WSUS).

Meanwhile, Microsoft is still monitoring malware in the wild, attempting to exploit a remote procedure call (RPC) flaw that was repaired in its MS08-067 emergency bulletin.

Christopher Budd, security program manager in the Microsoft Security Response Center, is urging customers to deploy the patch as the threat of being attacked rises.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: