Microsoft to issue critical fixes for Windows XP, Windows Server 2003

By SearchSecurity.com Staff 09 May 2008 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Microsoft said it would release three critical updates next week and one moderate update to repair flaws in Office applications and Windows as part of its monthly patch Tuesday update.

In the Microsoft advance patch notice, the software maker said the security updates plug holes in Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows XP Professional x64 Edition, Windows Server 2003 Service Pack 1, Windows Server 2003 x64 Edition, and Windows Server 2003 with SP1 for Itanium-based Systems.

Microsoft security news: Microsoft releases April trove of patches: Windows, Office and IE all have patches deemed "critical" by Microsoft this month. Inside MSRC: Microsoft gives guidance on security updates Microsoft's Bill Sisk takes the reader through the software giant's April 2008 security bulletins. Microsoft's Mundie: Let's talk privacy Craig Mundie, Microsoft's chief research and strategy officer said industry must work together to address privacy and security challenges on the Internet.

The issue is with Microsoft's Jet 4.0 Database Engine, which could be exploited by an attacker remotely to gain access to a system.

A critical flaw in Microsoft Word 2000 Service Pack 3 could be exploited by an attacker to gain access remotely.

Important updates affect Microsoft Office 2004 and 2008 for Mac, Microsoft Outlook 2007 and Microsoft Word 2002, 2003 and 2007. Also affected is Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.

Bill Sisk, the response communication manager for the Microsoft Security Response Center (MSRC), said the advance bulletin is preliminary information, and is subject to change.

"These updates may require a restart and will be detectable using the newly released version of the Microsoft Baseline Security Analyzer," he said in the Microsoft Security Response Center Blog.

The software giant will also release an updated version of its Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center, and host a Security Bulletin Webcast so customers can ask questions about the latest fixes.

Tags: Windows Security: Alerts, Updates and Best Practices,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Security: Alerts, Updates and Best Practices Microsoft to address flaws in Windows, Office for Mac Microsoft fixes security update that breaks Internet Explorer What is the best database patch management process? Microsoft addresses critical SMBv2 flaw, fixes record number of flaws Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities Microsoft releases temporary fix for SMB2 zero-day vulnerability Microsoft issues SMB vulnerability advisory, patch pending Attackers target Microsoft IIS; new SMB flaw discovered Microsoft repairs Windows media, TCP/IP vulnerabilities Microsoft five critical updates won't include IIS

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary BotHunter  (SearchSecurity.com) principle of least privilege (POLP)  (SearchSecurity.com) security identifier  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary