Microsoft readies seven patches for Tuesday
Three are critical
Microsoft plans to issue seven security patches next Tuesday, three of which are rated "critical" because they could allow an attacker to remotely execute malicious code on an end user's machine.
Two of the critical updates plug holes in the entire line of supported Windows operating system versions. The patches address components including DirectX, DirectShow and Windows Media Format Runtime. The third critical fix is for versions 6 and 7 of the Internet Explorer browser.
In all, five updates fix vulnerabilities in Vista, which was designed from scratch to be Microsoft's most secure OS.
The details were made available through Microsoft's Security Bulletin Advance Notification, which is released five days prior to Microsoft's regularly scheduled patch release, which occurs on the second Tuesday of every month.
Four patches carry a maximum rating of "important". They address security flaws in a wide range of Windows versions, including Vista.
Microsoft released only limited details of the vulnerabilities. It's a safe bet that one of the patches will include a fix for a flaw in the SafeDisc copy protection software from Macrovision, which comes bundled with Windows XP and 2003 and was <a href="a flaw in the SafeDisc copy protection software from Macrovision that comes bundled with Windows XP and 2003 and was missing in action from last month's Patch Tuesday.
It's possible another fix will involve a vulnerability in a Windows feature known as Web Proxy Autodiscovery (WPAD), which helps IT administrators automate the configuration of proxy settings. Reports of the bug first surfaced 10 days ago, and on Monday Microsoft confirmed it was investigating them.
Several of the updates will require a reboot. ®
Microsoft's most secure OS...
... yeh, like cadbury's least fattening chocolate.
... or Paris' cleanest underwear.
How shallow is the ocean, how low is the sky?
More Malware from M$
MMM... Soon, I will have 80 PCs running GNU/Linux. When I have eliminated all of that other OS on my LAN the party will be at my place. You are all invited. Seriously, the few machines running that other OS cost me more hours every week than the 30 I now have running GNU/Linux because GNU/Linux is modular and configurable. I can fix something and it stays fixed, with few unintended consequences and no re-re-re-boots. The last XP machine I fixed took 2 re-installs (was owned before the first updates...) of 30 minutes and then updating for hours with many re-re-re-boots. The crashing that prompted the re-installation is still there... Another ME machine had no driver for a printer and M$'s license giving permission to install that driver had expired, so I installed Debian GNU/Linux and it worked smoothly. That liberation took 20 minutes, a bit of configuration and a reboot to make sure it survived a reboot. Why do people put up with that other OS in a production setting? Must be for the jobs it creates...
Actually 27 patches
We just bundled of the them and make six Bundles!