Microsoft to issue critical Windows patch

Article

Microsoft to issue critical Windows patch

Microsoft is starting 2009 with a single security update, according to an advance notice issued by the software giant.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

SearchSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Microsoft said the security update corrects a critical flaw in Windows. The update is part of Microsoft's monthly patch release. It corrects a flaw that could be exploited to execute code remotely. The update is rated critical and affects Windows 2000, Windows XP, and Windows Server 2003. It is rated moderate for Windows Server 2008, and Windows Vista.

The update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.

Microsoft patching news:
Microsoft issues emergency patch to fix IE flaw: The software giant repaired a dangerous flaw being exploited if a user browses some legitimate websites.

Microsoft fixes critical flaws in Office, IE Dangerous flaws could allow an attacker to access sensitive files and gain complete control of a computer. More than two dozen flaws were patched.

Inside MSRC: Microsoft issues guidance on critical flaws Microsoft's Bill Sisk describes the latest bulletins and explains why new threat families were added to the Malicious Software Removal tool.

The software giant will also release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. Microsoft will also host a Security Bulletin Webcast so customers can ask questions about the latest fixes.

As part of its final official patch release of 2009, Microsoft issued eight security bulletins, including six rated critical, addressing serious flaws in Internet Explorer.

It also issued an emergency out-of-band patch for the XML handling flaw in Internet Explorer. Microsoft issued the emergency release because it said it was tracking attacks in the wild. Hackers were planting the exploit on websites using SQL injection techniques.