Microsoft is starting 2009 with a single security update, according to an advance notice issued by the software...
Microsoft said the security update corrects a critical flaw in Windows. The update is part of Microsoft's monthly patch release. It corrects a flaw that could be exploited to execute code remotely. The update is rated critical and affects Windows 2000, Windows XP, and Windows Server 2003. It is rated moderate for Windows Server 2008, and Windows Vista.
The update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
The software giant will also release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center. Microsoft will also host a Security Bulletin Webcast so customers can ask questions about the latest fixes.
As part of its final official patch release of 2009, Microsoft issued eight security bulletins, including six rated critical, addressing serious flaws in Internet Explorer.
It also issued an emergency out-of-band patch for the XML handling flaw in Internet Explorer. Microsoft issued the emergency release because it said it was tracking attacks in the wild. Hackers were planting the exploit on websites using SQL injection techniques.